Tuesday, April 12, 2016

Wordpress automates https for its own custom domains; not sure yet what happens on Blue Host and similar providers

Wordpress has recently announced “Https everywhere”, that is “Encryption at all wordpress.com sites”. The link is here but may require a Wordpress account to view. 

The encryption will protect custom domains hosted on Wordpress.com, but it is not clear if this includes domains on shared or dedicated domains offered by companies like "Blue Host" and "Dream Host."
In the recent past, I’ve read that Bluehost encryption is fairly complicated and limits the size of images.  I hope there is improvement in this issue.  You should be able to get the same level of encryption (and same blogger and end user convenience) on paid hosting for your own domain (with a separate copy of the blogging software) as on a “free” content host as a subdomain.   I may call Bluehost soon about this. 

Blogtyrant’s Toolbox recommends StrongVPN but does not yet mention SSL or https for the blog itself.  I’m hoping Ramsay Taplin will write about this issue soon.  We may see more written about this subject soon at EFF, and at blogs run by security companies like Webroot and Trend.   
It would appear relevant to allow the end user to choose whether she needs to use SSL by entering https herself, rather than defaulting. 

1 comment:

Blogger said...

DreamHost is ultimately one of the best hosting provider with plans for any hosting requirments.