Move to Self-Hosted WordPress

Menu

Avoid security warnings

Your WordPress.com site is protected through HTTPS encryption, improving both security and performance for your site. Visually the only change is an extra S in your browser address (https instead of http) and the green lock in your browser bar when visiting your site:

https-visual

Unfortunately, not all hosting companies offer this option by default (yet). Depending on the hosting company you have chosen, you might be transferring your site from an HTTPS URL to a plain old HTTP one. Your site won’t be accesible any more through those HTTPS links.

Anyone who tries to access your site using one of the HTTPS URLS, will get a security warning. This affects mostly visitors coming through Google (the search engines need time to update their records to HTTP) and those who bookmarked your page.

There are several options to prevent these security warnings:

Option 1: Add an SSL certificate from your hosting company.
Your hosting company most likely offers information and documentation regarding SSL certificates on their website. Make sure to check which options are available for free and which are paid upgrades.

Option 2: Get a free SSL certificate
If your hosting company does not offer free SSL certificates, there are two alternatives you can choose from:

  • Get your own free SSL certificate, for example via Let’s Encrypt). You will have to install this on your hosting account yourself.
  • If you don’t want to install a SSL certificate, you can use a service like Cloudflare to route your DNS through their servers.

An Automattic Invention