WordPress is Moving Towards SSL

Last updated on by admin

WordPress just announced recently that in 2017 they are going to implement features in the core that will require your website to have HTTPS available. WordPress has already created a better and smoother experiences for its users with Calypso – an admin interface that uses JavaScript and WP REST API to manage your WordPress site such as install themes and plugins, customize CSS, customize the navigation menu or header etc. Now they want to focus on the server side of the code that runs in PHP. And making SSL required is the next step to building a secure web for everyone.

WordPress and HTTPs

When a site loads in HTTPs this means that the connection between your browser and the server is encrypted. You can check it by simply looking at the green lock icon next to the address bar. Most administrators don’t like to add a SSL certificate to their website since it’s expensive. It’s usually implemented by the webmasters who run an e-commerce site as well as accept credit card payments. However, This trend is about to change. With open source project like Let’s Encrypt, SSL has become free for everyone. As soon as you integrate Let’s Encrypt into your site you don’t have to worry about yearly SSL charge anymore. Once it’s set up the certificate will renew automatically and your site will continue to use HTTPs for free.

Google and HTTPs

If you use Google Chrome you may have noticed a neutral indicator when visiting a HTTP page that accepts password or credit card data. Beginning in January 2017 Google Chrome will start showing this page as “Not secure”. Google is taking this initiative to force more webmasters to HTTPs and help users browse the web safely.

screenshot showing ssl security warning in Google Chrome beginning in January 2017

What Does This SSL Change Mean?

This change means that as of 2017 WordPress will only recommend web hosts that support SSL by default with their hosting plain. They are currently offering Bluehost, DreamHost, Flywheel and SiteGround as their recommend hosts. But only two of them (SiteGround and DreamHost) are offering a free SSL certificate with their shard hosting plan. The reason why I’m referring to shared hosting is because most newbie users start with a shared hosting plan. I believe It’s possible that you will get a free SSL certificate with a dedicated/VPS hosting but that will cost you a fortune as well. Unless you are generating a decent amount of revenue from your site, I don’t think you would want to switch to a dedicate/VPS hosting.

SiteGround or DreamHost?

Between SiteGround and DreamHost I would probably go with SiteGround. Their shared hosting plan is cheaper than DreamHost and they have a really good reputation for providing great support. Besides, WordPress has a plan to consider hosts that use PHP 7 as the performance improvements in PHP 7 is spectacular. And SiteGround is one of these hosts that offer PHP 7 by default in all of their accounts.

60% off HostGator WordPress hostingspecial Bluehost WordPress hosting

2 thoughts on “WordPress is Moving Towards SSL”

  1. When you say, “WordPress just announced recently that in 2017 they are going to implement features in the core that will require your website to have HTTPS available.”, could you please add a link to this announcement. I am curious.

Leave a Reply

Your email address will not be published. Required fields are marked *