WordPress edging towards requiring HTTPS as standard

4 min read
Jonny Pathan
WordPress logo featuring HTTPS

We take a look at whether you should be considering using SSL, and if you should take action.

At the end of last year WordPress founder, Matt Mullenweg announced some news on SSL saying “2017 is going to be the year that we’re going to see features in WordPress which require hosts to have HTTPS available”.

No need to worry just yet though, it seems WordPress will be starting this transition with baby steps at first, such as only promoting hosting partners that provide a SSL certificate by default in their accounts. However, it’s inevitable that at some point, SSL will become mandatory for WordPress websites.

So, what does this mean for WordPress website owners? Let’s find out.

What is HTTPS?

HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. Essentially, it means all communications between your web browser and the website are encrypted. HTTPS is often used to protect confidential transactions like online banking and ecommerce transactions.

Most browsers display a green padlock icon in the address bar to visually indicate that a HTTPS connection is in effect.

HTTPS screenshot

Why are WordPress taking action?

It’s no secret, HTTPS has lots of benefits, here are a few:

Users Trust SSL More.

According to Comodo Group, Inc – 70% of online shoppers cancelled their online order because they did not “trust” the transaction. A survey conducted by Matthew Niederberger on Actual Insights, found trust logos increased the trustworthiness in over 75% of respondents. He also found that “61% of participants said they have at one time NOT completed a purchase because there were no trust logos present.”

Paypal login screen
PayPal’s login screen

Google’s all over it

Way back in 2014, Google announced they’ll be using HTTPS as a ranking signal, saying “over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal.”

Google Secure Logo
They love it

To back that up, MOZ recently announced that 50% of page 1 results on Google were from HTTPS enabled websites, FIF-TY-PER-CENT! That number is predicted to rise to around 75% come the end of 2017.

% of HTTPS Results on Google Page 1
Percentage of HTTPS results on page 1 of Google


The main reason for SSL: encryption. SSL makes sure that every packet of data exchanged between a user’s browser and a website is protected by encryption techniques. In the event of an unwanted party getting a hold of this data, the useful information is rendered unreadable by means of encryption. Handy right.

How to get HTTPS?

Give us loads of money… ?

In-case you took that seriously, and you have got loads of money, it’s not much use any more… In steps LetsEncrypt, a free, automated, and open certificate authority (CA), run for the public’s benefit). Though not supported by all hosting companies yet, LetsEncrypt is making it extremely easy, and free for most website owners to obtain an SSL certificate. With super simple installation (usually one click), it’s a no brainer. To check if your hosting provider supports it, check out this list of all known supported hosts.

If you don’t want a free one, that’s fine too. Most hosting companies will let you purchase a regular certificate through their control panels. In-fact, here at WATB we’re using a paid one, once that’s expired though, we’ll be sure to move over to LetsEncrypt.

What if You Don’t Want HTTPS?

You could see various things happening to your website over time if you don’t upgrade to HTTPS.

  • The consequences set out by Google, i.e: lower rankings and having your users see a “Not Secure” warning when they try to access your website via Google Chrome.
  • Your site may be an easier target for hacking
  • You may find obstacles using WordPress in the future and lose some functionality on WordPress plugins.

To Summarise

There’s not much to lose by implementing HTTPS on your website to be honest, you may as well make it happen. Best to be prepared and all that! And if you’re a WordPress website owner, you may have no choice soon.

What Next?
Check out our article – Things to check on your WordPress site when moving to SSL

Also, here’s a great resource WordPress SSL: How To Switch From HTTP To HTTPS (13 Simple Steps)

MOZ recently announced that 50% of page 1 results on Google were from HTTPS enabled websites, FIF-TY-PER-CENT!

Related Posts

Posts you may also like