Google today made HTTPS connections the default for all of the sites on its Blogspot domain.
Google first enabled HTTPS for Blogspot last September, but at the time, it was an opt-in feature. Starting today, encrypted connections are enabled by default.
It’s worth noting that this only applies to Blogspot blogs that fall under the .blogspot.com domain. HTTPS is currently not available for blogs that use custom domain names.
Blogspot users — and there may be more of them out there than you expect, given that it still ranks as the #43 site globally on Alexa — will also be able to automatically redirect all of their users to the HTTPS version of their blogs.
By default, Blogspot will still offer both access over HTTP and HTTPS. Because many blogspot templates and widgets may not work correctly over HTTPS, it’s probably worth testing both versions before making the full switch to HTTPS.
It’s worth noting that WordPress.com started offering HTTPS support for all the sites on its network since 2014 and recently introduced support for custom domains, too.
If you run your own blog, the efforts of the Let’s Encrypt initiative also now make it easier to get the right certificate to enable HTTPS on your self-hosted sites, too.