Google has introduced HTTPS for all the BlogSpot. All blogs hosted on Google’s blogspot.com domain can now be accessed over an encrypted HTTPS connection. This is an automatic process, so bloggers don’t have to change any setting.
Google has redirected all the HTTP BlogSpot URLs to the new HTTPS version. So there’s no need to worry about people being able to find the content on the new secure server.
“HTTPS is fundamental to internet security. It protects the integrity and confidentiality of data sent between websites and visitors’ browsers. Today, we’re launching HTTPS version for every blogspot domain blog. With this change, visitors can access any blogspot domain blog over an encrypted channel.” Said Milinda Perera, Software Engineer, Security in a post.
Last September, Google rolled out HTTPS support for BlogSpot domain blogs so bloggers could try it out. As part of this launch, Google has removed the HTTPS Availability setting. If you did not previously turn on this setting, your blogs will have an HTTPS version enabled automatically.
Google has added a new feature called HTTPS redirect. If you turn on this new setting, all visitors will be redirected to the HTTPS version of your blog at https://<my-blog>.blogspot.com even if they go to http://<my-blog>.blogspot.com.
If you choose to turn off this setting, visitors will have two options for viewing your blog.
- The unencrypted version at http://<my-blog>.blogspot.com.
- The encrypted version at https://<my-blog>.blogspot.com.
Mixed contents might not work over HTTPS. Mixed content refers to a webpage where the initial HTML content is loaded over a secure HTTPS connection, but other resources (such as images, videos, stylesheets, scripts) are then loaded over an insecure HTTP connection.
Two more things about HTTPS for all the BlogSpot
- Existing links and bookmarks to your blogs are not affected by this launch. They will continue to work.
- Blogs on custom domains will not yet have HTTPS support.