What the WordPress.com HTTPS Rollout for All Sites Means for You
WordPress has a 60% market share in the Content Management System (CMS) market. Until now, most default connections to WordPress websites have been unsecured as HTTP.
HTTPS protocol means the site you are visiting has a secure connection with you (a green padlock symbol in your browser’s address bar) because it uses encrypted connection for all your sessions.
Now, all domains hosted on WordPress.com will have free HTTPS connection, which will increase the performance and security of the encryption to all blogs and websites hosted by WordPress. That means that a large percentage of the Internet’s websites are now secured.
Having a strong encryption will not only provide you with secure communication, it will also provide authentication against account hijacking and cookie theft, and will ensure communication is being performed privately and to the right website.
If you have a WordPress.com website, you no longer have to purchase an SSL certificate from a certificate authority, or worry about how to install it. You don’t need to worry about the expiration of the certificate, since WordPress will automatically take care of it for you. You pay nothing to WordPress for using these services.
The Let’s Encrypt project used by WordPress.com provides an automated and efficient way to distribute SSL certificates to a huge number of domains. As a WordPress.com site owner, once your website is HTTPS-supported, you will see a green padlock in the address bar of your browser. More than 1,000,000 certificates have been already issued by Let’s Encrypt.
All the requests related to HTTP will get automatically redirected to their respective encrypted URL (https:// instead of http://). WordPress.com will handle all the complexities related to management of SSL certificate for you.
Previously, traffic to and from unencrypted websites could be easily redirected, intercepted, or modified. Now, with HTTPS being used by WordPress.com, security will increase automatically and every piece of content on your website will be encrypted.
Google has also stated that HTTPS being used by a website is an important factor for page rankings in Google search results. For Google, HTTPS-enabled websites are more secure and can be ranked above other websites which are still using HTTP connection.
