Automattic wants everyone to know that it’s taking steps to ensure that the services you use are secure. The company behind the WordPress blogging and content management platform announced on Thursday that in 2017, it’ll be investing heavily in SSL security technology. This means that initially it will only promote hosting providers that provide an SSL certificate by default in their accounts. In the future, it plans on extending such scrutiny to features, making them available only when they have been certified.
A member of the Let’s Encrypt project, the company is no stranger to improved security. And it definitely needs to keep on top of things as it continues to grow — more than 25 percent of internet sites use WordPress, which highlights its importance; if the platform lacks proper security measures, then it could result in serious issues sooner rather than later. Automattic already enables free HTTPS support for all customers that have custom domains on WordPress.com and also provides SSL certification for its WordPress.com subdomains.
Today’s announcement is a warning to third-party developers and partners that Automattic will crack down, promoting them only if they are up to par with security. It follows a promise that the company has made in the past, through its participation of the Reset the Net movement, which seeks to end exploitable holes in encryption software, including SSL encryption standards.
Automattic is far from the only one tackling this issue, as it joins Google, Amazon Web Services (AWS), and other technology firms in backing SSL and secure encryption.
We’ve reached out to Automattic for more information and will update if we hear back.