This is how it should be: https connection is secure, encrypted and encrypted with a green padlock. Photo: Andrea Warnecke/dpa-tmn. (Source: dpa)
Brussels (dpa/tmn) – Computers must not connect to Internet servers over unencrypted (http) connections. Because this gives potential attackers an opportunity to steal data. Since almost all popular browsers now offer a function that ensures that only encrypted (https) connections are established, it must also be activated, advises the Electronic Frontier Foundation (EFF).
In Firefox (since version 83), the feature is turned on under “Settings / Data protection and security / https only mode / activate https only mode in all windows”. With Chrome (from version 94) under “Settings / Data protection and security / Advanced / Always use secure connection”. And in the latest Safari browser (version 15), the function is activated at the factory as well as in the Brave browser.
No further development of “https Everywhere”
Now that the “https only” functionality has found its way into almost all popular browsers, EFF sees that one of the goals it set itself has been met. So EFF will no longer develop the “https Everywhere” extension, which has been around for a decade and can be used to modify the browser’s missing “https-only” feature.
Users who have activated the “https only” function in their browser can, of course, uninstall the extension – if it is available. If unencrypted (http) pages that you trust must be opened regularly, exceptions for these pages can usually be specified in the settings.