How to Force a Site to Use Http Connection

Date 21/3/2013
The Firefox add-on Firesheep has demonstrated the vulnerability of insecure connections with a bang. Users who use an unencrypted connection to access sites and services on public networks may have their information recorded by other users who record the network traffic. To put it in layman terms: You may be vulnerable to this kind of data snooping if you see http and not https in your browser's address bar.

Http is bad and https is good for privacy and security reasons. That's all there is to it. Most services allow both http and https connections to their sites, Facebook is an example. There are services, like Gmail, Google's email service, that only allows https connections and will redirect http requests to https for increased security and privacy.

Mozilla Firefox

The NoScript add-on is the best option for the Firefox web browser. The add-on's primary function is to block scripts from being executed automatically. It offers however several options to improve security further, with one of them offering to configure the browser to always use https connections for specific sites. To open the listing, click in Options on the status bar icon, then Advanced > HTTPS in the NoScript Options window.


Here it is possible to add sites where https should always or never be used. Facebook users would simply add facebook.com in the force text area. All connections to facebook.com from that moment on will be automatically redirected to https. A user entering http://www.facebook.com/ in the browser to log into Facebook will be redirected to https://www.facebook.com/ automatically. The same is true for all other pages on facebook.


Share/Bookmark