WordPress over HTTPS

Simply had to keep this post here for future references:

HTTPS for WordPress from make.wordpress.org

4 thoughts on “WordPress over HTTPS”

  1. This is a rather dated page. While encryption does inflict a CPU cost, it’s so low these days, that you can ignore it. Have a look at https://istlsfastyet.com/ .

    Also, there are other advantages to switching the whole site to HTTPS. One is SEO. Google (and other search engines) have started giving a higher rating to the websites that are served over HTTPS. Have a look here, for example: http://searchengineland.com/google-starts-giving-ranking-boost-secure-httpsssl-sites-199446

    Another advantage, albeit not precisely just HTTPS is SPDY (a prototype for HTTP 2.0). SPDY provides a variety of performance factors, for which the extra CPU cycles spent on encryption are a small price to pay. For a quick overview of those, have a look at http://daniel.haxx.se/http2/ .

    Pretty much the only annoying bit about HTTPS these days is having to buy the certificate. But even this problem is about to be sorted out. Electronic Frontier Foundation (EFF) is organizing a few big names, like Cisco, Mozilla and Akamai to launch a new certificate authority this year, which will issue free SSL certificates. Read more about it here: https://www.eff.org/deeplinks/2014/11/certificate-authority-encrypt-entire-web

    So, in summary, the WordPress page about HTTPS needs an update. But you are on the right track looking into this direction. 🙂

    1. @Leonid,
      Didn’t know about SEO upgrades towards treating HTTPS in higher rankings, thanks for this link!
      I’m currently checking SPDY specs, not sure if there’s a place to use it so far, but definetely worth prototyping and benchmarking! 🙂

Leave a Reply