To improve the security of all VIP sites, all dashboard and administration pages are now served over SSL. Previously on WordPress.com VIP, you could choose to enable this setting, but we have now force-enabled it for all dashboard pages.
Why this change?
If you sign in to WordPress.com via a non-secure Internet connection, like a public Wi-Fi connection at your local coffee shop, your account may be more vulnerable to hijacking. To help keep the bad guys out, we now enforce HTTPS. You can learn more about HTTPS on WordPress.com here.
What should I look out for?
This change may cause problems in some dashboards, in particular if:
- You have front-end admin-ajax
- You are loading external JS or CSS in the dashboard
- You have assets hard-coded to HTTP
Please ensure all admin assets are loaded over HTTPS to ensure proper functioning of your dashboards, as ‘mixed content‘ warnings and other errors can occur when parts of the page are not loaded securely.
If you have any questions, just let us know!
WordPress VIP Lobby 
Does this change have any implication on the value of site_url(), or just admin_url()?
This only affects
admin_url()for now, butsite_url()should be changing to SSL later this year. http://en.blog.wordpress.com/2014/06/05/reset-the-net/