WordPress pushes Free HTTPS Encryption for all its blogs

WordPress announces “HTTPS Everywhere, Encryption for All WordPress.com Sites,” millions websites will be secured without users’ effort.

WordPress is pushing free default SSL for all the website running the popular CMS and hosted on WordPress.com, that means over 26% of websites based on the most popular CMSs on the web will be secured (Statistics by W3techs).

On Friday, WordPress announced that it has partnered with the Let’s Encrypt project in order to offer free HTTPS support for all of its users on WordPress.com blogs.

According to the systems engineer Barry Abrahamson from WordPress’ parent company Automattic, the roll out will be transparent without impact on the users.

“Today we are excited to announce free HTTPS for all custom domains hosted on WordPress.com. This brings the security and performance of modern encryption to every blog and website we host. Best of all, the changes are automatic — you won’t need to do a thing.” Abrahamson wrote in a blog post.

“This brings the security and performance of modern encryption to every blog and website we host.” “For you, the users, that means you’ll see secure encryption automatically deployed on every new site within minutes. We are closing the door to un-encrypted web traffic (HTTP) at every opportunity.”

That is great, more security, for free and without any effort! The Internet will be a better place, users will be protected from eavesdropping. The massive introduction of Web encryption provides more than security to the users, the protocol enhancements like SPDY and HTTP/2 have reduced in a significant way the performance gap between encrypted and unencrypted web traffic.

Digital certificates will be offered by the Let’s Encrypt initiative starting from January.

“The Let’s Encrypt project gave us an efficient and automated way to provide SSL certificates for a large number of domains. We launched the first batch of certificates in January 2016 and immediately started working with Let’s Encrypt to make the process smoother for our massive and growing list of domains.” added Abrahamson.

Summarizing … WordPress.com is activating HTTPS on all its websites without requesting users intervention.

Enjoy it!

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – HTTPS, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.