HTTPS adds a layer of encryption that prevents others from snooping on or tampering with traffic to your site. You can enforce HTTPS for your GitHub Pages site to transparently redirect all HTTP requests to HTTPS.| GitHub Docs
You can increase the security of your custom domain and avoid takeover attacks by verifying your domain.| GitHub Docs
You can set up or update certain DNS records and your repository settings to point the default domain for your GitHub Pages site to a custom domain.| GitHub Docs
GitHub Pages supports using custom domains, or changing the root of your site's URL from the default, like octocat.github.io, to any domain you own.| GitHub Docs
CAA is a type of DNS record that allows site owners to specify which Certificate Authorities (CAs) are allowed to issue certificates containing their domain names. It was first standardized in 2013, and the version we use today was standardized in 2019 by RFC 8659 and RFC 8657. By default, every public CA is allowed to issue certificates for any domain name in the public DNS, provided they validate control of that domain name.| letsencrypt.org