Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

www.<website>.com in location bar creates http://www.<website>.com, not httpS://www.<website>.com

more options

When I key www.<website>.com in location bar and hit enter, Firefox uses http://www.<website>.com, not httpS://www.<website>.com, to find the website. Most of the time the http:// version does not resolve to a website. It just hunts and hunts and hunts. This same thing happens many times when I click on a link in gmail which I open in Firefox.

Since we are all supposed to be using httpS:// these days, why doesn't Firefox default to https://?

Is there some setting that I'm missing?

Thanks, Caitlin

When I key www.<website>.com in location bar and hit enter, Firefox uses http://www.<website>.com, not httpS://www.<website>.com, to find the website. Most of the time the http:// version does not resolve to a website. It just hunts and hunts and hunts. This same thing happens many times when I click on a link in gmail which I open in Firefox. Since we are all supposed to be using httpS:// these days, why doesn't Firefox default to https://? Is there some setting that I'm missing? Thanks, Caitlin

All Replies (5)

more options

Please ignore   helpweb213's   post and don't call that number   -   it's a scam !

more options

helpweb213 is a scammer. Please do not call the number. I've deactivated their account.

more options

Hi Caitlin, usually web servers are configured to redirect http requests to https if they support https. On the other hand, if a server cannot handle https, then it won't be able to redirect to http because Firefox will never successfully connect. So for now, browsers generally try http first.

There is an experimental setting that upgrades http addresses to https, but I haven't tested it myself. If you want to see what effect it has, here is how to try it:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

(2) In the search box in the page, type or paste https and pause while the list is filtered

(3) Double-click the dom.security.https_only_mode preference to switch the value from false to true

If that breaks too many things, double-click again to switch it back.

More info on about:config: Configuration Editor for Firefox.

If you try it, let us know what you think.

more options

I have to say that I'm not very technical and the thought of making the changes that were suggested seemed outside my comfort zone. So I procrastinated.

However, I recently was helping my sister with her Firefox (she's even less technical than I am), and I discovered that someone has already solved this problem with an extension called "HTTPS Everywhere." It works beautifully. And it's recommended by Firefox.

I know I'm an amateur here, but if it's bad enough to motivate someone to make an extension, shouldn't the code be in Firefox for something like this? I was being prevented from going to websites because Firefox would hang without any message. There are many people who are less technical than I am. It took me a while to discover that the S in httpS was not there because the full address is not usually shown.

I have to say that I really don't understand what Firefox's problem was. Specifically, I have my own website that the host swears was set up to automatically forward any http request to https. But it didn't ever work when I tried it. In all honesty, this problem also happened in Safari and Chrome, so it wasn't just Firefox. But why, if the host swears it's supposed to auto forward from http to https, why doesn't it happen?

But I'm happy! I'm no longer having to doctor my links. Thanks for your help.

And I appreciate being saved from a scammer. I'm so glad I was slow to see the message because my first thought was how delighted I was that I was going to be able to talk to someone.

more options

Hi Caitlin, I'm glad you're finding HTTPS Everywhere useful. That is more time tested than the new setting I mentioned.