There are a few steps here in descending order of importance.
The .is domain is Iceland. So why get a domain from there? Because Iceland is outside the jurisdiction of ICANN (Internet Corporation for Assigned Names and Numbers). Iceland is not regulated by ICANN either and runs its own name servers and domain registration. Iceland is also the worlds best place for the protection of journalistic free speech and has tough laws to do so. It is nearly impossible to get your .is domain hijacked or your site taken down (if you are hosting in Iceland).
If you have a site that provides information that is unique or hard to find or goes against the 'narrative' then the next step is to get the .is equivalent of your domain. You go here to do so. An .is domain costs €29.90 - which roughly equates to $36.
I purchased my matrixfiles.is domain a few years ago and have pointed in to matrixfiles.com ever since. Have a go by clicking here and watch the address bar of the new tab.
Iceland has reveaed itself, last year (2021), to be just as bad as everyone else, so I would NOT recommend getting an .is domain anymore.
Back in the early days of the internet a great deal was done to secure pages that accepted credit cards. A protocol was developed to make it safe to transmit credit card details and other sensitive information. This protocol is something called Secure Socket Layer. A number of years ago all 'professional' web developers and internet hosting companies began pushing for the use of SSL across all sites and all site pages. This was done without fanfare and was done quite stealthily. 'Why?', you may ask... The SSL issuers were some of the biggest companies in the world of ecommerce and were themselves owned by corporations that did not have the well being of the world at heart. The ownwership of who owns these SSL issuers is now much harder to fathom but there was a study done in Switzerland that showed that the majority of the world's corporations were owned by 147 entities. You can download and read that study here (if you want to open the study in a new tab click here). You may have heard of some of them - Blackrock, Vanguard, State Street, etc.
If your site is run as, for example, https://matrixfiles.com, all that has to happen for your site to be knocked off the 'net is for someone to find that your site is 'selling illegal content/kiddie porn/and other made up stuff', and your certificate gets pulled and bamm! you are off the internet and no one can access your pages.
SSL should only be used for pages where you are accepting credit cards or where people are logging in to a section of your site that requires a user name and password. The rest of the site should NOT have SSL. Yet look what these bastards are doing now. Browsers are reporting sites that do not have SSL installed. It is done by a very discrete but annoying icon to the left of your address bar and the icon is deliberately made to look ominous to scare a user into not accessing that site or page. Its psychological manipulation plain and simple.
Cloudflare is supposdely a service that prevents DDoS (Distributed Denial of Service) attacks. But if you are a site that only gets a few hundred or a few thousand hits a week or month why would you need this service? Even high traffic sites (in the millions) are at risk of having this company 'interrupt' service if the powers that be (TPTB) don't like what you are doing.
So how does Cloudflare work? First you have to enable it from your cpanel within your hosting account. It then works by sending all browser requests first to Cloudflare and then on to your website. You can see the potential for abuse here already. You NEVER want something sitting between your site and your user, like a Gatekeeper. No one has a right to do that. Sometimes, Cloudflare is triggered by regular browser activity. The question then arises, 'What the heck is going on?' when this happens for no apparent reason. How about data gathering and user tracking???? We are seeing what is now happening in the world (Feb 2021) with the rise of Communism/Fascism with people's lives being at risk for saying or thinking the wrong thing. Well, one's browsing habits tell a lot about an indidivual and there is no doubt a huge amount of info about your browsing history is logged somewhere or sitting in a server in some huge building. Cloudflare does that. It logs EVERYTHING about what is happening with your site and it has nothing to do with protecting it. So, TURN. IT. OFF.
Google is a very evil company. It censors people's searches, it delists websites from search results that have information that is contrary to the 'narrative', it demonetizes sites and YouTube channels that don't 'tow the party line' or whose information is too revealing (like anti-vaccine sites) and the list goes on.
One of the ways it interferes with sites is that when it is installed as code at the top of the page it can slow the download of a page to a mere crawl so that it makes it very difficult for people to view it. This occurs with sites that have vital information that helps people make informed decisions (about vaccines for instance). Any site that has contrary information to that which is being promoted and pumped out by the Pirahna Press (or the Main Stream Media as some call it - MSM) will be affected if it has Google Analytics installed.
One other thing that it is designed to do is to give you a false sense of security in that when you view your site it allows your site to work correctly when you view it but when someone else views your page they will have all sorts of trouble (this applies to your site only when it is an alternative site to give people information that is contrary to what is being promoted - a very good example of a site that encompasses all that I have written up till this point is this site by Jim Stone). So get rid of it if you have it and never install it if you don't. And don't worry about losing the analytics - every hosting acount that one purchases has its own analytics module called Webalizer. On shared hosting its easily accessible in your cPanel and in VPS environments you have to usually enable it. It gives you a good overview of where your users come from, which browser and operating system they are using and which pages on your site they are visiting. If you still want more than what webalizer offers, use Statcounter.com.
Now that we've got rid of these services we move on to Step 4 - The penultimate step in bomb-proofing your site.