WordPress sites are now a little more secure.

All WordPress.com domains, including custom domains that live atop the WordPress.com platform, now come with free HTTPS encryption, parent company Automattic announced.

“WordPress.com has supported encryption for sites using WordPress.com subdomains (like https://barry.wordpress.com/) since 2014. Our latest efforts now expand encryption to the million-plus custom domains (like automattic.com) hosted on WordPress.com,” the company said.

Automattic says the move will secure more than 1 million custom domains hosted on WordPress.com.

“For you, the users, that means you’ll see secure encryption automatically deployed on every new site within minutes. We are closing the door to un-encrypted web traffic (HTTP) at every opportunity,” Automattic says.

Once complete, the URL will begin with https:// and site owners will find that their domains have a green lock icon in a browser’s address bar.

“All plaintext HTTP requests will be automatically redirected to their encrypted counterpart,” Automattic told site owners. “We will transparently handle all the complexities of SSL certificate management for you.”