WordPress.com has announced that the service will start rolling out automatically free SSL certificates for all custom domains hosted on WordPress.com. Visitors to any custom domain that is hosted at WordPress.com will automatically be encrypted. WordPress.com cite’s benefits of the encryption includes protection against surveillance, cookie theft, account hijacking, and helping to prevent other security flaws that may expose data via an unencrypted connection.
The WordPress.com hosting service has supported SSL encryption on subdomains hosted at WordPress.com since 2014. The roll out of this new initiative is aimed at custom domains aka domains that are hosted on the WordPress.com platform. The SSL certificates being used will be powered by the Let’s Encrypt project.