Last year we made a big step towards making the SSL certificates more widely used. We backed financially the super cool open SSL project Let’s Encrypt and we provided an easy cPanel interface, from where all our users can issue free Let’s Encrypt certificates with a single click. This has resulted in more than 40 thousand new SSL installations on our servers. However, there is still a long way to go before we see HTTPS protocol completely replace the insecure HTTP. Now, in the very beginning of 2017 we are happy to announce that we have taken the next big step in this direction -- we have started to automatically issue Let's Encrypt certificates for every domain that is hosted on our shared servers.
Every site should have an SSL
The web is obviously moving into the direction of making HTTPS the preferred, if not the compulsory, protocol. And these are just few of the reasons why this trend will continue to be massive in 2017:
- Google has officially announced that HTTPS will be a factor for search results standings
- The use of HTTP/2 protocol, that results in serious loading speed gains, is supported by browsers only over encrypted connection.
- Google Chrome browser will gradually start to indicate more obviously non-HTTPS websites as insecure.
- Matt Mullenweg, the founder of WordPress has announced that some of the new WordPress features released in 2017 will be available only for sites using HTTPS (go to 31:00 minute to hear it).
So, with so many influential entities openly supporting this trend, there is no way back to http.
We make the move to HTTPS easy
To make the transitions easier for our users we have made one more big step: during the holidays we have issued several hundred thousands certificates for all the domains that are already hosted on our shared servers. So our existing customers welcomed 2017 even more HTTPS ready than before. We also have started to issue the Let’s Encrypt certificate and install it on the customer’s account automatically just a short time after a new domain is registered by us or detected to be directed to our servers. And this includes not only the primary account domains, but also addon domains created by our users through the cPanel. All certificates will be renewed automatically by us too, as long as the domains they have been issued for are pointed to our servers. All this does not mean that our users’ websites have started to work by https by default JUST YET. You still need to configure your site to use the issued certificate. (Here you can read more about how to configure a WordPress site to use HTTPS or how to do the trick by editing your htaccess file). If this seems like too much work for you, just wait for our next big SSL-related surprise, which will be announced soon!