Google has now made HTTPS connections the default for all sites in its Blogspot domain.
Google first enabled HTTPS for Blogspot last September, but at the time it was an opt-in feature. From today, encrypted connections are enabled by default.
It should be noted that this only applies to Blogspot blogs that fall under the .blogspot.com domain. HTTPS is currently not available for blogs that use custom domain names.
Blogspot users – and perhaps more than expected, given that it still ranks 43rd in the world on Alexa – will also be able to automatically redirect all of their users to the HTTPS version of their blogs.
By default, Blogspot will always offer both access via HTTP and HTTPS. Since many blogspot templates and widgets may not work well over HTTPS, it’s probably worth testing both versions before switching to HTTPS completely.
It should be noted that WordPress.com started offering HTTPS support for all sites in its network since 2014 and recently introduced support for custom domains as well.
If you run your own blog, the efforts of the Let’s Encrypt initiative now make it easier to obtain the right certificate to enable HTTPS on your self-hosted sites.