The Wufoo Blog

Making Wufoo More Secure: SSL/HTTPS

By Johan Lieu · October 9th, 2013

SSLWe’ve recently made a very important change to way that we manage the security of your Wufoo experience and want to let you know about our decision to make this change.

Beginning on 9/17/2013, we made the change to enable HTTPS by default for all forms, widgets, and reports. Previously, HTTPS was only available to customers on our Bona Fide or better plans, but we’ve now made it available for all users on all plans by default.

From now on, whenever you copy and paste your form URL to share with coworkers, customers, and others, you’ll notice that the URL now has HTTPS indicating that it will be served securely whenever someone views the form. When someone submits information? That’s right—secure.

This also applies if you use our Code Manager to grab the embed code to place your form on your own site. Whether it’s via Javascript, iframe, or our WordPress Shortcode plugin, your form will be served over HTTPS and your information and data will be secure. Additionally, we’ve made this change for all widgets and reports in addition to forms, so anything you share will be secure by default.

This was a big and important change for us here at Wufoo and we feel that it was the right thing to do for you—our awesome customers.

From all of us…thanks again for using Wufoo.


  1. What if I’ve embedded my form using HTTP in the past?

    If you’ve embedded your form prior to 9/17, your form will still work. It was a big technical hurdle to ensure that enabling HTTPS by default for forms did not affect the many, many forms that were in use around the web.

  2. Can I still customize my secure form with my own logo or CSS?

    Yup! The only think you’ll need to do is to ensure that your logo is being securely hosted and that the logo will be served over HTTPS. This same goes for hosting your own CSS files for customizing the look of your forms. You can find more information about secure hosting here.

  3. I’m having other issues with my forms since the update.

    If you’re experiencing any issues with your forms since we’ve enabled HTTPS by default, please let us know.

This entry was posted 4 years ago and was filed under News and Updates. Comments are currently closed.


  1. This is probably an obvious issue - previous links will still work? Meaning that if the form is now at https, and not http, the http will auto-redirect to https?

    Posted 4 years ago by Soccer Coach David.
  2. Ahhhhhhh a skurity blanket for forms! Thank you

    Posted 4 years ago by Myra Brandenburg.
  3. @Soccer Coach David: You’re correct, we worked hard to make sure that all existing forms and links will continue to work as intended. We’ve only enabled HTTPS links by default going forward.

    Posted 4 years ago by Johan Lieu.
  4. Going forward if we copy an old form, will it make the transition to HTTPS? It would be a new form, so I hope this is the case. Thanks!

    Posted 4 years ago by Wes.
  5. @Wes: Yup, if you copy an old form, the URLs in the Code Manager will now default to HTTPS for that copied form.

    Posted 4 years ago by Johan Lieu.
  6. Are there any issues with the secure form embedded on an unsecure page?

    Posted 4 years ago by CJ.
  7. @CJ: Nope, there aren’t any issues with a secure embedded form on an insecure page.

    Posted 4 years ago by Johan Lieu.
  8. I think it is a great change - thanks

    Posted 4 years ago by דיאטנית קלינית.
  • Search

  • About

    The Wufoo Blog is the official online publication written by the developers of Wufoo about their online form builder, form-related technologies, and whatever else may fit their fancy—like robots.

  • Archives