Google Redirects every Blogspot domain to HTTPS to Bolster Security

Google software engineer Milinda Perera said this week that the company is now rolling out an HTTPS version of every single blog stored away on the Blogspot domain. The security step means visitors may load up their favorite blog on this specific domain over an encrypted channel which will prevent any surveillance or eavesdroppers from seeing what they’re actually accessing. Even more, there’s nothing to enable: all Blogspot domain residents automatically have the HTTPS version switched on.

The HTTPS indicator in the Chrome browse

All existing links and bookmarks to your blogs are not affected by this launch, and will continue to work. However blogs on custom domains will not yet have HTTPS support.

A new setting called HTTPS Redirect that allows you to opt-in to redirect HTTP requests to HTTPS. While all blogspot blogs will have an HTTPS version enabled, if you turn on this new setting, all visitors will be redirected to the HTTPS version of your blog at https://<your-blog>.blogspot.com even if they go to http://<your-blog>.blogspot.com. If you choose to turn off this setting, visitors will have two options for viewing your blog: the unencrypted version at http://<your-blog>.blogspot.com or the encrypted version at https://<your-blog>.blogspot.com.

To help spot and fix these errors, we recently released a mixed content warning tool that alerts you to possible mixed content issues in your posts, and gives you the option to fix them automatically before saving.

Read more from Google Blog post