Mozilla Firefox is a popular web browser that is used by millions of people around the world. It’s one of the most popular browsers on the market, and it’s also one of the most secure ones. One of the features that Mozilla Firefox offers users is HTTPS-only mode. This mode makes it so that only HTTPS connections are allowed. This means that any traffic that isn’t encrypted using TLS (the standard for web security) will be blocked. HTTPS-only mode is a great way to protect your privacy and your data. It’s also a great way to keep your Mozilla Firefox account safe from third-party attacks. To enable HTTPS-only mode in Mozilla Firefox, you first need to set up a new preferences file. In this file, you’ll need to set up two different values: “https” and “encrypted”. The “https” value will tell Mozilla Firefox to use HTTPS connections instead of regular HTTP connections when connecting to websites. The “encrypted” value will tell Mozilla Firefox to use encrypted connections instead of regular ones when connecting to websites. Once you’ve set up these preferences files, you can start using HTTPS-only mode in Mozilla Firefox by clicking on the three lines at the top left corner of your screen: “Settings -> Security -> Security settings”. Here, you’ll find two options: “HTTPS Everywhere” and “Only connect over HTTPS”. The first option will make sure that all traffic in Mozilla Firefox is connected over HTTPS, regardless of whether it’s coming from outside or inside the browser. The second option will only allow connections over HTTPS when there are specific reasons for doing so (such as security reasons). If you don’t want to use either option, just click on the OK button at the bottom left corner of this screen.
Mozilla Firefox’s HTTPS-Only Mode provides extra privacy and security online. With it enabled, Firefox will try hard to only load encrypted HTTPS websites. If only HTTP is available, Firefox won’t load the unencrypted website without asking you.
Why Is HTTPS Important?
Unfortunately, not all sites support HTTPS, and some that do may fall back to non-encrypted HTTP versions of a site if you visit them through an HTTP link (such as http://www.example.com instead of https://www.example.com—notice the missing “s” in the address).
Starting in Mozilla Firefox version 83, which was released on November 16, 2020, you can turn on HTTPS-Only Mode. Firefox will automatically attempt to load the HTTPS version of a website even if you visit the site through a link to an unencrypted HTTP address. If one isn’t available, you’ll have to provide explicit permission before Firefox will load an HTTP page. Here’s how to enable this option.
RELATED: What Is HTTPS, and Why Should I Care?
How to Enable HTTPS-Only Mode in Firefox
First, open Firefox and click the hamburger button (three horizontal lines) in any Firefox window. In the menu that pops up, select “Options” on Windows and Linux or “Preferences” on a Mac. Tip: If you’re not running Firefox version 83 or higher, you’ll need to update Firefox to use the HTTPS-Only Mode feature. To check for updates manually, click the Firefox menu, then select Help > About Firefox. Then click the “Update Firefox” button. RELATED: How to Update Mozilla Firefox
In the “Options” or “Preferences” tab, click “Privacy & Security” in the sidebar menu.
On the “Browser Privacy” preferences page, scroll down to the bottom and locate the “HTTPS-Only Mode” section. Click the radio button beside “Enable HTTPS-Only Mode in all windows” to select it. (You also have the choice to enable HTTPS-Only Mode in private windows only, so select that instead if you prefer.)
After that, close the Options tab, and the change will take effect immediately. If you visit a website through a non-encrypted HTTP link that supports HTTPS, you will be redirected to the encrypted HTTPS version of the site automatically.
What Happens If a Site Doesn’t Support HTTPS?
If you visit a site with HTTPS-Only Mode turned on and the site does not support HTTPS, you will see an error page similar to this one.
RELATED: How to Update Mozilla Firefox
In the “Options” or “Preferences” tab, click “Privacy & Security” in the sidebar menu.
On the “Browser Privacy” preferences page, scroll down to the bottom and locate the “HTTPS-Only Mode” section. Click the radio button beside “Enable HTTPS-Only Mode in all windows” to select it. (You also have the choice to enable HTTPS-Only Mode in private windows only, so select that instead if you prefer.)
After that, close the Options tab, and the change will take effect immediately. If you visit a website through a non-encrypted HTTP link that supports HTTPS, you will be redirected to the encrypted HTTPS version of the site automatically.
Also, if you visit a site that is only partially HTTPS-secure—that is, it pulls non-encrypted elements into the secure page—it may not display properly with HTTPS-Only Mode enabled.
In either case, Mozilla has provided a quick way to temporarily disable HTTPS-Only Mode. To do so, click the lock icon beside the website address in the URL bar.
In the menu that pops up, click the drop-down menu below “HTTPS-Only Mode” and choose “Off temporarily” to temporarily disable HTTPS-Only Mode.
Alternately, if you’d like to permanently disable HTTPS-Only Mode just for this particular site, select “Off” from the list. Firefox will remember these settings individually for each website.
After that, you’ll be able to see the site as usual. If the site ever upgrades to support HTTPS fully, you can enable HTTPS-Only Mode for the site again using the same menu option hidden under the web address lock icon. Happy browsing!
Web browsers like Mozilla Firefox and Google Chrome are encouraging websites to move away from HTTP to more secure HTTPS connections. It’s likely that Firefox’s HTTPS-Only Mode will one day become the default option, boosting privacy and security online—and further encouraging website owners to upgrade to HTTPS.