SSL enabled by default for all customers

“HTTPS has become the obvious choice over HTTP, and that is why we now enable SSL by default for all our customers.”

You may have noticed that the SSL section is no longer visible in the control panel. But, not to worry, this is actually a good thing!

SSL is now enabled by default for all our customers. Since you no longer need to activate it yourself, the SSL section in the control panel has become unnecessary.

Why did we make SSL the default setting?

By having an SSL certificate issued for your domain, your domain can be identified as secure. This allows your visitors to access your site securely via HTTPS.

In the past HTTP was the norm for most websites and only pages with sensitive data, like payment or login pages, used HTTPS. Over the years, the way we use the internet has changed. Websites have become more interactive, and we share much more information than before, making security even more important.

In line with these developments, Google announced last year that they want to encourage people to use primarily HTTPS. To do this, sites that are only using HTTP, will in the future be marked as insecure when a user enters data in Chrome. On top of that sites that are using HTTPS get a boost in their search ranking.

Because of all this, HTTPS has become the obvious choice over HTTP, and that is why we now enable SSL by default for all our customers.

How does HTTPS help to improve security?

HTTPS is the secure version of the “Hypertext transfer protocol” that a browser uses to communicate with websites. It encrypts the connection between your browser and the server so that others cannot change or intercept content when you are, for example, using a public WiFi.

You can verify if you are using HTTPS, by the closed padlock that is visible in the address bar of your browser. However, as HTTPS becomes the new norm, the padlock will probably be removed in the future.

Redirect all traffic to HTTPS

Even though an SSL certificate has been issued for your domain, this doesn’t mean that all traffic automatically goes via HTTPS. Your customers can still access your site when they type in the address with HTTP. This may unintentionally give the impression that your site is not secure.

You can avoid this by redirecting all traffic to HTTPS. When someone types in an address with HTTP or clicks a link with HTTP, they will automatically be redirected to the secure version with HTTPS.

Not sure how to do this? Check out our step-by-step guides on how to set this up for your WordPress and Website Builder sites: