HTTPS is already available if you have a ‘.wordpress.com’ site but this is now being rolled out to custom domains that only use the WordPress backend.
This will immediately apply to any new sites created using a custom domain, with existing websites built on WordPress gradually being upgraded. WordPress will automatically redirect any requests that use HTTP to the new HTTPS version.
WordPress is the most popular CMS system on the Web, used by over a quarter of all websites, so this move represents a huge shift over to a more secure internet.
This is no doubt prompted by the news that Google has started favoring secure over non-secure domains, but the tech giant recently highlighted that many major sites, including many of its own products, are yet to make the switch.
WordPress has been working with the Let’s Encrypt project to help it automate the certification process for sites that use its platform.