HTTPS Everywhere: Encryption for All WordPress.com Sites
At the moment we’re excited to announce free HTTPS for all customized domains hosted on WordPress.com. This brings the safety and efficiency of recent encryption to each weblog and web site we host.
Better of all, the modifications are automated — you gained’t have to do a factor.
Because the EFF factors out as a part of their Encrypt the Web initiative, robust encryption protects our customers in numerous methods, together with defending towards surveillance of content material and communications, cookie theft, account hijacking, and different net safety flaws.
WordPress.com has supported encryption for websites utilizing WordPress.com subdomains (like https://barry.wordpress.com/) since 2014. Our newest efforts now broaden encryption to the million-plus customized domains (like automattic.com) hosted on WordPress.com.
The Let’s Encrypt venture gave us an environment friendly and automatic approach to offer SSL certificates for numerous domains. We launched the primary batch of certificates in January 2016 and instantly beginning working with Let’s Encrypt to make the method smoother for our large and rising listing of domains.
For you, the customers, meaning you’ll see safe encryption mechanically deployed on each new website inside minutes. We’re closing the door to un-encrypted net visitors (HTTP) at each alternative.
Net encryption offers greater than safety
Protocol enhancements like SPDY and HTTP/2 have narrowed the efficiency hole between encrypted and un-encrypted net visitors, with encrypted HTTP/2 outperforming un-encrypted HTTP/1.1 in some instances.
Google additionally announced HTTPS is used as a rating sign in search outcomes, with HTTPS-enabled websites ranked above their plaintext counterparts.
As a WordPress.com website proprietor, hold an eye fixed out for this function in your customized domains. As soon as your website is HTTPS-enabled, it is best to see a inexperienced lock icon in your browser’s tackle bar. All plaintext HTTP requests will probably be routinely redirected to their encrypted counterpart (your URL will start with
https:// as an alternative of
http://). We’ll transparently deal with all of the complexities of SSL certificates administration for you.
We take safety critically, and we’re proud to supply this to WordPress.com customers. For extra details about encryption, please see our support documentation.