In this article
If you’re a WordPress.com site owner, then you need a WordPress SSL certificate. The good news is that you already have one in place.
According to WordPress.com’s support team, “Strong encryption is critical to ensure your privacy and security while using WordPress.com. We encrypt all possible traffic, including custom domains hosted on WordPress.com. We consider strong encryption so important that we do not allow you to compromise the security of your site by disabling it. We also 301 redirect all insecure HTTP requests to the secure HTTPS version.”
So, what does this mean? If you have a WordPress.com website (including a site with a custom domain name), then WordPress.com has taken care of a critical piece of site security for you: your SSL certificate.
You may not realize it, but every website that you use to log into a private account, make a purchase, or share personal data has an SSL certificate.
SSL stands for Secure Sockets Layer. Since the days of Netscape Navigator, it has been the global standard in encrypted online security technology. In fact, SSL is so important that Google Chrome may flash a warning signal if you visit a site that does not have an SSL certificate. On top of that, Google’s algorithm may even rank sites without SSL certificates lower in search engine results over ones that do have certificates, according to Search Engine Land.
Do you notice the “https” in front of a website’s URL in your browser? How about a lock icon, safety seal, or a green URL bar? Those indicate that a site has an SSL certificate in place.
An SSL certificate reduces the risk of malicious players (hackers or identity thieves) stealing sensitive information like credit card numbers and passwords from a website visitor or the website itself. Essentially, it provides safe, encrypted communication between your computer and the website you’re visiting.
To obtain an SSL certificate, you need to use a Certificate Authority (CA). CAs are companies and organizations that verify a website’s legitimacy. Any website hosted on WordPress.com automatically has a WordPress SSL certificate in place, which saves you the hassle and expense of having to do it yourself.
The price of an SSL certificate varies between $10 per year to hundreds of dollars per year, depending on which CA you use and the type of SSL certificate you need. If you have some technical acumen and time, you might be able to obtain a free SSL certificate through a nonprofit security authority called Let’s Encrypt.
Again, if you have a WordPress.com site, your WordPress SSL certificate is already taken care of — no additional expense, coding, or setup required.
Even if you don’t sell products or store sensitive information on your website, an SSL certificate gives your visitors a sense of security while they’re browsing through your content. It can also be the deciding factor for ranking higher than competitors in search results.
Want a website with world-class security features and an SSL certificate already included? These are just two of the many benefits of choosing WordPress.com to host your website.