If yes, then there is good news for you.
WordPress is bringing free HTTPS to every blog and website that belongs to them in an effort to make the Web more secure.
WordPress – free, open source and the most popular a content management system (CMS) system on the Web – is being used by over a quarter of all websites across the world, and this new move represents a massive shift over to a more secure Internet
WordPress announced on Friday that it has partnered with the Electronic Frontier Foundation's "Let's Encrypt" project, allowing it to provide reliable and free HTTPS support for all of its customers that use custom domains for their WordPress.com blogs.
Now every website hosted on wordpress.com has an SSL certificate and will display a green lock in the address bar.
"For you, the users, that means you'll see secure encryption automatically deployed on every new site within minutes. We are closing the door to unencrypted web traffic (HTTP) at every opportunity," Wordpress said in its blog post.
HTTPS has already been available for all sub-domains registered on wordpress.com, but with the latest update, the company will soon offer free SSL certs for its custom domains that just use the WordPress backend.
In short, users with custom domains (https://abcdomain.com) will now receive a free SSL certificate issued by Let's Encrypt and on behalf of Wordpress, and have it automatically deployed on their servers with minimal effort.
Until now, switching web server from HTTP to HTTPS is something of a hassle and expense for website operators and notoriously hard to install and maintain it.
However, with the launch of Let's Encrypt, it is now easier for anyone to obtain Free SSL/TLS (Secure Socket Layer/Transport Layer Security) certificates for his/her web servers and set up HTTPS websites in a few simple steps.
Now WordPress is also taking advantage of this free, open source initiative for its websites.
So you might have a question in your mind:
What do I need to do to activate HTTPS on my WordPress blog?
You do not need to worry about this at all. WordPress.com is activating HTTPS on all of its millions websites without having you to do anything.
Let's Encrypt is trusted and recognized by all major browsers, including Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer, so you need not worry about its authenticity.
However, in case you don't own a WordPress blog, but you want a free SSL certificate from Let's Encrypt, here is a step-by-step guide on How to Install Let's Encrypt Free SSL Certificate On Your Website.