Encrypt Your Web Browsing With HTTPS Everywhere [Firefox]

Chris Hoffman 18-01-2012

encrypt your web browsingHTTPS Everywhere is one of those extensions that only Firefox makes possible. Developed by the Electronic Frontier Foundation, HTTPS Everywhere automatically redirects you to the encrypted version of websites. It works on Google, Wikipedia and other popular websites.


Encryption ensures no one can eavesdrop on your web browsing. Whether you’re searching on Google, browsing Wikipedia or sending private messages on Facebook, your information is sent in the clear if you’re not using encryption.

Getting the Extension

You won’t find HTTPS Everywhere in the official Firefox add-ons The Best Firefox Addons Firefox is famous for its extensions. But which addons are the most useful? Here are the ones we think are best, what they do, and where you can find them. Read More gallery; you’ll have to get it directly from the Electronic Frontier Foundation’s site. Just go to the HTTPS Everywhere page and click the big Install HTTPS Everywhere button.

encrypt your web browsing

Taking a Tour

HTTPS Everywhere adds a button to Firefox’s toolbar; you can click the button to view its status and change its settings. Let’s head over to MakeUseOf with HTTPS Everywhere installed and see what it does.

encrypt your web traffic


HTTPS Everywhere is enforcing encrypted connections to many services we use on MakeUseOf, although many may use encryption by default. With HTTPS Everywhere, you don’t depend on the webmaster to set up their site properly; you get encryption everywhere you go — with every service that supports it, of course.

Plug a search into the Google search box included with Firefox and you’ll go straight to Google’s encrypted search page. Any searches you make with Google’s HTTPS site are encrypted before they’re sent to Google, so no one can eavesdrop on them. Without the extension, people on public Wi-Fi networks How To Combat WiFi Security Risks When Connecting To A Public Network As many people now know, connecting to a public, unsecured wireless network can have serious risks. It’s known that doing this can provide an opening for all manner of data theft, particularly passwords and private... Read More can see all your searches.

encrypt your web traffic

Sure, you could head over to and start your search from there, maybe even install a search plug-in for Google’s encrypted search engine and use that instead. But HTTPS Everywhere does everything for you.


Click a link to Wikipedia and you’ll see the same thing. HTTPS Everywhere turns every Wikipedia link on the web into a link to Wikipedia’s secure, encrypted site.

encrypt your web traffic

What It Really Does

So what does HTTPS Everywhere actually do? We can sneak a peek at our web browsing traffic with WireShark and see for ourselves.

Let’s plug “super secret search” into Google’s normal, unencrypted search engine. With Wireshark capturing our traffic Top 3 Portable Network Analysis and Diagnostics Tools Read More , this is what we see:


encrypt browsing

There it is. Our super secret search is being sent in plain text for all the world to see. On an open Wi-Fi network? People around you can see your super secret search. Now imagine you’re sending a private message on Facebook and you’ll see why this is important. Facebook has a secure browsing option, but having HTTPS Everywhere installed will automatically enable it for you. You won’t have to worry about finding the option on every website you use.

Now let’s turn on HTTPS Everywhere and perform the search again. HTTPS Everywhere automatically uses Google’s encrypted search engine.

encrypt browsing


Our communication with Google is happening over HTTPS now. An eavesdropper can see we’re contacting Google’s servers, but that’s all they can see — they don’t know the specific page we’re using or what type of data is getting sent back and forth.

Tools like Firesheep do the same sort of thing, but with an easier-to-use interface. You don’t have to understand networking to snoop with Firesheep.


HTTPS Everywhere has a pretty barebones configuration screen. You can see the list of websites it supports and disable them if you encounter problems. You can also enable rules that are disabled by default, possibly because they break certain features on a site.

encrypt your web browsing

Want to add your own HTTPS Everywhere rules? You can’t do that from this window, but the EFF has a guide for doing that yourself. Bear in mind that you can only enable HTTPS for a site if that site has an HTTPS version that isn’t used by default. HTTPS Everywhere includes most popular sites that have HTTPS versions, so you probably shouldn’t have to create any rules yourself.

Other Web Browsers

Like the idea, but use another web browser? No other browser has the extensions framework that makes HTTPS Everywhere possible. Google Chrome is closest to getting there, but Internet Explorer and Safari users are out of luck.

If you use Chrome, you can try KB SSL Enforcer, which we’ve covered here The Top 8+ Security & Privacy Extensions For The Chrome Browser Google’s Chrome Web Store hosts many extensions that can protect your security and privacy while using Chrome. Whether you want to block JavaScript, plug-ins, cookies and tracking scripts or force websites to encrypt your traffic,... Read More . KB SSL Enforcer doesn’t work as well as HTTPS Everywhere; it fetches the HTTP page before the HTTPS page. The EFF promises to release HTTPS Everywhere for Chrome when Chrome’s extension framework evolves to make it possible.

HTTPS Everywhere is definitely a compelling reason to switch to Firefox if you use another web browser — or is it? Do you prefer another browser anyway? Let us know in the comments.

Related topics: Encryption, Mozilla Firefox.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. The WEDA Coalition
    June 9, 2016 at 8:26 pm

    I was tracking who was tracking me while using mozilla and you guys are down right liars this program still lets people track us and you people should be ashamed of yourselves and this is borderline false advertisement

  2. Wanted Maniac
    June 26, 2012 at 6:28 pm

    Apart from using 'HTTPS' as an encryption, does browsing on Private-Proxy-Servers also have encryption which couldnot be sniffed?

    • Chris Hoffman
      June 26, 2012 at 11:11 pm

      Assuming the proxy itself uses HTTPS and has encryption, yes. I believe it's possible for proxies to not use HTTPS encryption, although I'm not sure how common this is. Just ensure you're using a proxy that's using HTTPS.

      Bear in mind that this only means the connection between you and the proxy can't be sniffed. In other words, if you were using an encrypted proxy, went to an unencrypted Google page, and searched for "waffles," your Internet service provider and anyone monitoring the traffic between you and the proxy wouldn't know that you were viewing Google or searching for waffles. However, anyone monitoring the outgoing traffic from the proxy would see the "waffles" search -- this is why complete, end-to-end encryption with websites is important, even when accessing them via proxies.

  3. Arthur McKenzie
    January 19, 2012 at 7:08 am

    I've been using HTTPS Everywhere for almost a year now and feel that it should be an integral part of all Firefox installations. But since it doesn't work on all sites, I also use addition protection in the form of Keyscrambler and Browser Protect.

    • Chris Hoffman
      January 19, 2012 at 7:17 am

      Thanks for the tips!

      More websites should really default to HTTPS to protect user's privacy, then HTTPS Everywhere wouldn't be necessary at all.