To suppress the security warning in Firefox for a local web server that is only accessed from your desktop PC, you can follow these steps:

Open Firefox and type "about:config" in the address bar. You will see a warning message; click on the "Accept the Risk and Continue" button to proceed. In the search bar on the "about:config" page, type "security.insecure_connection_icon.enabled". Double-click on the "security.insecure_connection_icon.enabled" preference to set it to "false". This will disable the warning icon for insecure connections. Additionally, you can also set the "security.insecure_connection_text.enabled" preference to "false" to disable the warning text for insecure connections. By making these changes in the Firefox configuration, you can prevent Firefox from displaying the security warning for your local web server. However, please note that disabling these warnings means that you won't be alerted to potential security risks for other websites that use insecure connections.

I run a local web server from my desktop PC. As the person running it, I access it only from my desktop PC, and only my account has a password. (All other accounts must be created by me, and have very limited access.) When I log in, Firefox whinges that it's not running on https, which is not my fault, as I didn't write this server. I cannot change servers. How can I prevent Firefox whinging about my lack of a secure (despite being local only) connection?

Hi, do you mean this warning that drops down from the user name and password fields:

For many years, there was a specific preference to hide that message (security.insecure_field_warning.contextual.enabled), but it was removed in Firefox 104 for some reason. You can dismiss the drop-down by tapping the Esc key if it's in the way.

If you are highly irritated by this message, it probably is possible to use the community-supported (not officially supported) userChrome.css method to hide it. I haven't researched the specific style rules needed to do it.

Note that the security.insecure_connection_* prefs mentioned above are for the location bar and show/hide the padlock with the strike through or the 'i' icon and show/hide the Not Secure text. So best is to leave them at their default: if they show bold, click the reset button at the far right.

See also:

• /questions/1418559 How to hide "This connection is not secure" when login on http websites

The insecure form warning should not appear for local servers since Firefox 55 (Bug 1337246).

When a server is inaccessible, it will fall back to HTTPS which can be avoided by changing browser.fixup.fallback-to-https to false in about:config.

The insecure form warning should not appear for local servers since Firefox 55 (Bug 1337246).

The way I read this bug, it created an exception for IP addresses. In other words, no contextual warning for this:

http://10.10.0.10/

because security.insecure_field_warning.ignore_local_ip_address => true

But if the user has assigned a host name to the local server, then the contextual warning isn't suppressed. (But I don't have an easy way to confirm this.)