{"id":13564,"date":"2020-11-18T16:44:24","date_gmt":"2020-11-18T21:44:24","guid":{"rendered":"https:\/\/www.thesslstore.com\/blog\/?p=13564"},"modified":"2020-12-07T11:44:49","modified_gmt":"2020-12-07T16:44:49","slug":"new-https-only-mode-offers-secure-browsing-to-firefox-83-users","status":"publish","type":"post","link":"https:\/\/www.thesslstore.com\/blog\/new-https-only-mode-offers-secure-browsing-to-firefox-83-users\/","title":{"rendered":"New HTTPS-Only Mode Offers Secure Browsing to Firefox 83 Users"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Want to ensure your browser uses only secure HTTPS connections? Check out Firefox\u2019s new HTTPS-Only Mode<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Here at Hashed Out, we like to try to keep you abreast of some of the latest changes and news within the industry\u2014like the <a href=\"https:\/\/blog.mozilla.org\/security\/2020\/11\/17\/firefox-83-introduces-https-only-mode\/\">newsworthy update Mozilla<\/a> announced yesterday on their blog. In the latest version of their Firefox browser, Firefox 83, they offer a new security feature called HTTPS-Only Mode. This tool lets you set your browser to automatically connect to all sites via HTTPS, whenever it\u2019s available. When HTTPS is not available, you\u2019ll get a warning.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the U.S. alone, the <a href=\"https:\/\/transparencyreport.google.com\/https\/overview?hl=en&amp;load_os_region=chrome-usage:1;series:page-load;groupby:os&amp;lu=load_os_region\">Google Transparency Report<\/a> shows that Chrome users loaded 95% of web pages using the HTTPS connection as of Aug. 29, 2020. This is up from the 49% who used HTTPS exactly five years earlier. This is a significant shift in the right direction.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But what is HTTPS -Only Mode and why does it matter in terms of security?<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Let\u2019s hash it out.<span id=\"newline\"><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What Is HTTPS-Only Mode?<\/h2>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"604\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/firefox-version-83-info-1024x604.png\" alt=\"Firefox 83 browser version info for an article on the browser's new HTTPS-Only Mode\" class=\"wp-image-13566\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/firefox-version-83-info-1024x604.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/firefox-version-83-info-300x177.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/firefox-version-83-info-768x453.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/firefox-version-83-info.png 1042w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A screenshot of the Firefox version 83 browser info screen<\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">In a nutshell, HTTPS-Only mode is a new security feature that Firefox rolled out yesterday as part of their Nov. 17 <a href=\"https:\/\/www.mozilla.org\/en-US\/firefox\/83.0\/releasenotes\/\">release of Firefox 83<\/a>. They\u2019ve created an optional mode that <strong>allows users to choose to make connections via the secure HTTPS protocol only (whenever possible)<\/strong>. According to their official release notes:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p><em>\u201cOnce HTTPS-Only Mode is turned on, you can browse the web as you always do, with confidence that Firefox will upgrade web connections to be secure whenever possible, and keep you safe by default.\u201d<\/em><\/p><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">From a 30,000-foot perspective, the goal for browsers would be to eventually deprecate all HTTP connections in lieu of HTTPS ones. (We\u2019ve already seen moves in that direction by other browsers marking non-HTTPS sites as Not Secure.) But for right now, the HTTPS-Only Mode is a feature that Firefox 83 users can choose to use if they so desire. (In the future, maybe HTTPS-Only Mode will become the default behavior for Firefox? Time will tell, but it sure looks like they\u2019re heading in that direction!)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In a nutshell, Firefox\u2019s new HTTPS-Only Mode ensures that users:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Connect via secure connections whenever they\u2019re available, and<\/li><li>Receive alerts whenever a secure connection is unavailable.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">This means that browsers who Firefox version 83 will see padlock icons in their web address bar instead of warnings like this:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"484\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/http-site-insecure-warning-1024x484.png\" alt=\"An insecure website warning with a crossed-out padlock security indicator\" class=\"wp-image-13565\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/http-site-insecure-warning-1024x484.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/http-site-insecure-warning-300x142.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/http-site-insecure-warning-768x363.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/http-site-insecure-warning.png 1055w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>An example screenshot of an insecure website warning.<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Of course, there are plenty of other features that also rolled out in the update aside from the HTTPS-Only Mode. But it\u2019s really the only one we\u2019re going to talk about here since it specifically pertains to cybersecurity and, more specifically, encryption. (And, as you know, both of those topics are kind of our thing.) But you should certainly check the other new features out as well in the Firefox 83 release notes since there are also a few updates that enterprises and developers in particular might be interested in.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Why Using Only HTTPS Connections Matters<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Whenever you go online, by default, your connection is delivered via the HTTP protocol. HTTP stands for hypertext transfer protocol. It\u2019s the foundational protocol that\u2019s used to browse the web (such as when you used your browser to connect to our website right now to read this article).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Unfortunately, by its very nature, HTTP isn\u2019t secure; it transmits your data across the internet in plaintext format for everyone to see. So, all of the types of data that hackers love to get their hands on \u2014 your personally identifiable information (PII), credit card information, and other sensitive info \u2014 are served up like a smorgasbord of digital delights to anyone else who knows how to intercept and read them.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This is known as a <a href=\"https:\/\/www.thesslstore.com\/blog\/man-in-the-middle-attack\/\">man-in-the-middle attack<\/a>. Not only can the see and read it, but they could potentially tamper with your data, too, and manipulate the information. This frightening thought serves to:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Underscore the important of using HTTPS;<\/li><li>Explain why the \u201chypertext transfer protocol secure\u201d became integral to website security; and<\/li><li>Show why SSL, now TLS, was able to make such a big grand entrance back in the 90s.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">While the overwhelming majority of websites support the HTTPS protocol \u2014 more than 80% of sites have a valid SSL\/TLS certificate, according to <a href=\"https:\/\/w3techs.com\/technologies\/overview\/ssl_certificate\">W3Techs<\/a> \u2014 millions of sites still contain HTTP legacy links. This means that even if a site is using the HTTPS protocol for their site overall, some specific pages (including subdomains) they\u2019re linking to may not be.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How HTTPS Works In General<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">One of my colleagues already broke down the process of <a href=\"https:\/\/www.thesslstore.com\/blog\/how-does-https-work\/\">how HTTPS works<\/a> in another in-depth piece. I\u2019m not going to repeat everything he covered here, but to quickly summarize, HTTPS is what makes it possible to transmit your data to a website via an encrypted connection. Basically, in the case of a website, a site admin uploads one or more <a href=\"https:\/\/www.thesslstore.com\/blog\/what-is-a-website-security-certificate-and-what-does-it-do-for-your-business\/\">website security certificates<\/a> to their server to secure their pages.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Whenever a user tries to connect, a handshake takes place that involves a secure key exchange that then makes it possible to use a symmetric encrypted connection for the rest of the session. Pretty cool, huh? &nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So, to quickly recap:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>HTTP<\/strong> = data transmissions in plaintext format (i.e., readable data).<\/li><li><strong>HTTPS<\/strong> = secure data transmissions that displays ciphertext (i.e., unreadable data)<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">If you like privacy and want your information to remain as secure as possible online, then you should be a huge proponent of HTTPS. (Okay, you don\u2019t have to wear a shirt or wave around flags in support of HTTPS, but you can at least take a moment to appreciate all that it offers our otherwise insecure digital world.) The takeaway here is that HTTPS is a great thing for web users in terms of security.<\/p>\n\n\n\n\n\n<h2 class=\"wp-block-heading\">How HTTPS-Only Mode Works<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The HTTPS-Only Mode makes it so that you will automatically connect to the HTTPS version of a website whenever one is available. So, even if you accidentally or intentionally try to connect to a site via HTTP, Firefox will override it and use HTTPS instead (so long as it\u2019s available on the site). If an HTTPS connection isn\u2019t available, the browser will warn you.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here\u2019s an example of how an insecure site might display in Firefox 83 (note the crossed-out padlock icon in the web address bar):<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"377\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example-1024x377.png\" alt=\"A screenshot of an insecure website warning and a crossed-out padlock icon in the address bar\" class=\"wp-image-13567\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example-1024x377.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example-300x110.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example-768x283.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example.png 1152w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A screenshot of an insecure website warning in Firefox 83.<\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Here\u2019s how a secure HTTPS website displays in Firefox 83:<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"492\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example2-1024x492.png\" alt=\"A screenshot of a secure website displaying a padlock icon in the address bar\" class=\"wp-image-13568\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example2-1024x492.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example2-300x144.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example2-768x369.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example2.png 1162w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A screenshot demonstrating how a secure website displays in the Firefox version 83 browser.<\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Now, what if you manually type an HTTP URL into the web address bar (like this)?<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"230\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example3-1024x230.png\" alt=\"Screenshot of manually typing in an insecure HTTP website URL\" class=\"wp-image-13569\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example3-1024x230.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example3-300x67.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example3-768x173.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example3-1536x345.png 1536w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/https-only-mode-example3.png 1726w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A screenshot of me manually typing in an insecure website.<\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">If you have the HTTPS-Only Mode enabled in your browser, so long as there\u2019s an HTTPS version of the site available, the browser will still force it to load the site via HTTPS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How to Enable HTTPS-Only Mode in Firefox 83<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Okay, now that you know all about what it is and how it works, let\u2019s break down how to turn this feature on in your browser.<\/p>\n\n\n\n<ol class=\"wp-block-list\" type=\"1\"><li>In the Firefox version 83 browser, click on the <strong>menu<\/strong> (the three stacked horizontal lines in the top-right corner of your window) and select either <strong>Preferences<\/strong> or <strong>Options<\/strong> (it displays as <strong>Options<\/strong> on my screen).<\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"565\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode1-1024x565.png\" alt=\"The third image of the process showing how to enable the HTTPS-Only Mode in Firefox 83\" class=\"wp-image-13570\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode1-1024x565.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode1-300x166.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode1-768x424.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode1-1536x848.png 1536w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode1-2048x1130.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A screenshot of the Firefox 83 menu<\/figcaption><\/figure><\/div>\n\n\n\n<ol start=\"2\"><li>In the left-hand navigation, select <strong>Privacy &amp; Security<\/strong> to open that tab.<\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"565\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode2-1024x565.png\" alt=\"The second image of the process showing how to enable Firefox 83's HTTPS-Only Mode \" class=\"wp-image-13571\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode2-1024x565.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode2-300x165.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode2-768x423.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode2.png 1177w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A screenshot of the Preference window where you can change your settings.<\/figcaption><\/figure><\/div>\n\n\n\n<ol start=\"3\"><li>Scroll down the page until you see a section header labeled HTTPS-Only Mode. There, you\u2019ll find three options. The radio button defaults to <strong>Don\u2019t enable HTTPS-Only mode<\/strong>. You\u2019ll want to change this option to <strong>Enable HTTPS-Only Mode in all windows<\/strong>.<\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"564\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode3-1024x564.png\" alt=\"The third image of the process showing how to enable Firefox 83's HTTPS-Only Mode \" class=\"wp-image-13572\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode3-1024x564.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode3-300x165.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode3-768x423.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/enable-https-only-mode3.png 1236w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A screenshot of the Privacy &amp; Security tab where you can enable HTTPS-Only Mode in your Firefox 83 browser.<\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">That\u2019s it! It\u2019s really that simple.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Don\u2019t have Firefox version 83 installed yet? No worries. You can <a href=\"https:\/\/www.mozilla.org\/firefox\/download\/thanks\/\">download the newest version of Firefox<\/a> from the Mozilla website.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How to Temporarily Disable HTTPS-Only Mode<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Okay, cool. So, now you have HTTPS-Only Mode enabled, which ensures that the HTTPS versions of websites will always load by default whenever they\u2019re available. But what if there are specific elements on a page that rely on HTTP and now they don\u2019t display right? Don&#8217;t worry, Mozilla planned for that variable as well.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you want to temporary turn off the HTTPS-Only mode to view those elements, you can do so in your web address bar. (Note: This is not a good idea in general. We typically don\u2019t recommend doing this! However, we do understand that some websites don\u2019t use HTTPS, so switching off HTTPS temporarily may be practical for some users.)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To disable HTTPS-Only Mode:<\/p>\n\n\n\n<ol class=\"wp-block-list\" type=\"1\"><li>Click on the padlock icon in your browser. It will bring up a window that looks like this that contains a drop-down menu toggle:<\/li><\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"562\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode1-1024x562.png\" alt=\"A screenshot of how to toggle the Firefox HTTPS-Only Mode on and off in Firefox 83\" class=\"wp-image-13573\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode1-1024x562.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode1-300x165.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode1-768x421.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode1.png 1447w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A screenshot of how the process of disabling HTTPS-Only Mode would look when you try to do that on a website without going into the main Firefox browser menu.<\/figcaption><\/figure>\n\n\n\n<ol start=\"2\"><li>In the new padlock window, you\u2019ll see a drop-down menu listed for HTTPS-Only Mode. There, you can change it from <strong>On<\/strong> to <strong>Off temporarily<\/strong>. <strong>\u00a0<\/strong><\/li><\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"564\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode2-1024x564.png\" alt=\"A second screenshot of how to toggle the Firefox HTTPS-Only Mode on and off in Firefox 83\" class=\"wp-image-13574\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode2-1024x564.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode2-300x165.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode2-768x423.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/toggle-https-only-mode2.png 1221w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>A second screenshot of the process for disabling HTTPS-Only Mode without going into the main Firefox browser menu.<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">If, for some reason, this option isn&#8217;t working, you can always go back into the main Firefox menu and turn HTTPS-Only Mode off while accessing that particular site or web page. Once finished with whatever you&#8217;re doing, then you can re-enable the security feature in your browser menu. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Final Thoughts<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Enabling HTTPS-Only Mode is a great idea for individual users and businesses alike. For the former, it helps to ensure that you\u2019re only connecting with secure websites whenever they\u2019re available and are informed by your browser whenever they\u2019re not. For the latter, you should also configure the browser settings on your employees\u2019 work devices to ensure that they\u2019re also connecting to HTTPS sites as much as possible.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The reality is that encrypted connections should be not only the minimum level of security, but it should also be the norm when it comes to online traffic. I, for one, am looking forward to a point where we can see the complete phase-out of unencrypted HTTP connections. While we haven\u2019t quite reached that point, this move by Firefox is a step in the right direction. &nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Want to ensure your browser uses only secure HTTPS connections? Check out Firefox\u2019s new HTTPS-Only Mode Here at Hashed Out, we like to try to keep you abreast of some&#8230;<\/p>\n","protected":false},"author":17,"featured_media":13578,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":"","tve_updated_post":"","tve_custom_css":"","tve_user_custom_css":"","tve_globals":{},"tcb2_ready":0,"tcb_editor_enabled":0,"tve_landing_page":"","_tve_header":"","_tve_footer":""},"categories":[13107,16],"tags":[151,13105,170,338],"class_list":["post-13564","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-beyond-hashed-out","category-hashing-out-cyber-security","tag-firefox","tag-firefox-83","tag-https","tag-https-only-standard","post-with-tags"],"views":11412,"jetpack_featured_media_url":"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/11\/firefox-https-only-mode.jpg","_links":{"self":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts\/13564","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/comments?post=13564"}],"version-history":[{"count":0,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts\/13564\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/media\/13578"}],"wp:attachment":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/media?parent=13564"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/categories?post=13564"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/tags?post=13564"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}