WordPress creator and Automattic founder Matt Mullenweg announced today that upcoming versions of the WordPress CMS would include features that would require hosts to support HTTPS.
Without providing any details on what these features are, Mullenweg said that it was time for the WordPress team to start pushing their followers to implement HTTPS for their sites.
WordPress.com already provides free HTTPS
WordPress is currently available as an open-source CMS provided by The WordPress Foundation, but also as a hosted blogging platform provided by Automattic.
In April 2016, Automattic announced free HTTPS for the majority of WordPress.com blogs via Let’s Encrypt, a joint EFF-Mozilla project that provides free SSL certificates for any site that wishes to support HTTPS.
Starting with early 2017, The WordPress Foundation, through its wordpress.org project, will start to promote hosting platforms that provide an SSL certificate for their clients.this is because future WordPress versions would “require hosts to have HTTPS available,” and the WordPress team would like to see as many hosting providers and clients start to migrate their sites to HTTPS in the meantime.