Firefox 83 Released a New Feature to Improve the Security, Namely HTTPS-Only Mode


Firefox 83 has been released on the stable channel with a new feature, HTTPS-Only Mode, intended to enhance the security of its users.

The new functionality is intended to avoid eavesdropping, especially when it comes to websites that contain confidential details, such as emails, financial information, or medical information.

Firefox aims to create a completely secure link with each and every site visited by the user, with HTTPS-Only Mode allowed, and even demands approval from the user before connecting to a site that lacks secure connection support.

The aim of the Hypertext Transmission Protocol (HTTP) over TLS (HTTPS) was to fix HTTP’s security vulnerabilities by encrypting the link between the browser and the website visited.

Although most websites have HTTPS support, more pages fell back to the unsecured HTTP protocol, and some that are not smaller by the day.

On top of that, Mozilla states that there are already millions of legacy HTTP connections leading to vulnerable copies of websites, which means that the browser traditionally connects using the insecure HTTP protocol when the user clicks on them.

Given the extremely high availability of HTTPS, we think it is time to make our users continue to use HTTPS at all times. That’s why we’ve built HTTPS-Only Mode, which means that without your approval, Firefox doesn’t make any unsafe connections,’ Mozilla says.

When HTTPS-Only Mode is allowed, Firefox will still try to connect to the visited website in a completely safe manner, and even if the user clicks or manually enters an HTTP page, the browser will always use HTTPS instead.

You can toggle the new function from the ‘Preferences’ menu in the ‘Privacy & Security’ area. Upon scrolling down to “HTTPS-Only Mode,” users need to pick the option “Activate HTTPS-Only Mode in all windows.”

“You can access the web as you always do when HTTPS-Only Mode is allowed, with the assurance that Firefox can update web connections to be protected wherever possible, and keep you safe by default,” states Mozilla.

Firefox can deliver an error message when a website that does not have HTTPS support is found, providing the user with the option to link via HTTP.

Any pages can malfunction for websites that do support HTTPS but serve resources such as images or videos over unsecured connections, and users will be given the option to temporarily disable HTTPS-Only Mode for that site.

Once HTTPS is more commonly supported and also required for all websites, Mozilla expects HTTP connections to be deprecated. The future of the Internet is HTTPS-Only Mode says the browser creator.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.