HTTPS-Only Mode is automatically enabled in Firefox for Android, versions 100 and later. For every website you visit, Firefox will automatically establish a secure, encrypted connection over HTTPS whenever possible. This is especially useful when you are using a public WiFi where you can’t be sure of the integrity of your internet connection. You can disable or enable this feature in your settings.

What is the difference between HTTP and HTTPS?

HTTP stands for Hypertext Transfer Protocol and is the foundational protocol for the web and encodes basic interactions between browsers and web servers. The problem with the regular HTTP protocol is that the data transferring from server to browser is not encrypted, meaning data can be viewed, stolen, or altered. HTTPS protocols fix this by using an SSL (secure sockets layer) certificate. This creates a secure encrypted connection between the server and the browser which protects sensitive information.

For example when HTTPS-Only Mode is active and a site is visited such as http://example.com, Firefox will silently upgrade to https://example.com.

Enable or disable HTTPS-Only Mode

1. Tap the menu button.

2. Tap Settings.
3. Tap HTTPS-Only Mode.
4. Switch the toggle to the left to turn HTTPS-Only Mode off. Switch the toggle to the right to turn it on.
5. If you turn HTTPS-Only mode on, select Enable in all tabs or Enable only in private tabs.

Secure Connection Not Available

Some websites only support HTTP and the connection cannot be upgraded. If HTTPS-Only Mode is enabled and a HTTPS version of a site is not available, you will see a “Secure Site Not Available” page:

If you tap Continue to HTTP Site, you accept the risk and then will visit a HTTP version of the site. HTTPS-Only Mode will be turned off temporarily for that site.

Tap the back button if you want to avoid any unencrypted connections.