SSL Enforcer forces secure connections on a system-wide level - gHacks Tech News

SSL Enforcer forces secure connections on a system-wide level

SSL Enforcer is a new program that is currently available as a free beta version. If other programs of the same developer are anything to go by, it is likely that it won't be available for free after the beta period.

The program works similar to the popular browser extension HTTPS Everywhere but with the difference that it runs independent from any program on the system.

This means that it can enforce secure connections for all processes running on the system.

The application is available as a portable version and installer. The SSL enforcement is enabled by default when you run it and you may run into issues when connecting to servers on the Internet on HTTP ports because of this since sites may not support HTTPS at all.

The program monitors HTTP ports, 80, 8080 and several others by default and to redirect to a secure connection. This works in all web browsers but also other programs that use HTTP connections including RSS readers for example.

ssl enforcer

All actions are echoed in the log so that you can always check to see what is going on. There are options to display even more information in the log, limit what is being displayed to errors, or display no log at all.

The settings allow you to turn the SSL enforcement off, disable automatic redirects to HTTPS and HTTPS availability checks.

There you find options to exclude processes or hosts from the procedure. This can be important if a host does not support HTTPS. Instead of not connecting to it at all, you can add it to the list of exceptions to have the program ignore connections to that host or that are made by a process specified there.

The ports that are monitored are also listed here and it is possible to add or remove ports from the list.

The program uses little bandwidth for this as it does not make use of tunnels or proxy servers to enforce https connections.

The main issue that some users, especially business users, will have with the program is that it is not open source. This means that it is not possible to vet it to see if it does not do anything that it should not as it manipulates all HTTP traffic.

Good news is that its redirection to secure connections works really well provided that the host supports https connections.

SSL Enforcer is available for Windows and Mac.

Summary
software image
Author Rating
1star1star1star1stargray
no rating based on 0 votes
Software Name
SSL Enforcer
Operating System
Windows, Mac
Landing Page




  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. errriii said on November 17, 2014 at 7:15 pm
      Reply

      For a software that enforces HTTPS, its own website is forcing the RC4 protocol if you want PFS to be used. Not exactly reassuring, since this is a software for people who would probably disable RC4 due to increased risks of using it.

    2. Dwight Stegall said on November 17, 2014 at 8:18 pm
      Reply

      More trouble than it’s worth if you web surf. I had to disable it to visit Ghacks. I have a local html file on my hard drive that loads weather maps. It blocks the maps and other related info. There is a setting to bypass sites that doesn’t seem to work yet. But I doubt that local file will ever work again as SSL Enforcer is installed. This unacceptable.

      I’ll keep testing it for awhile. But I don’t see it having much of a future on my computers.

      1. Martin Brinkmann said on November 17, 2014 at 8:22 pm
        Reply

        Have you tried adding localhost / local IP to the exclusion list?

        1. Dwight Stegall said on November 17, 2014 at 8:43 pm
          Reply

          No I didn’t think of it.

          it needs a feature for every website where it brings up every insecure connection in a list that you can accept or not. Otherwise you have to type all of those domains in the bypass box. I have better things to do than spend all day typing in exceptions. Until most of the websites use SSL this thing in my opinion is a terrible time waster. :(

    3. Sergey said on November 18, 2014 at 4:11 pm
      Reply

      Thanks for your feedback.

      Please consider that this is the first beta.
      Soon we plan to add two features that should address your concerns:
      1. Optional “best-effort” mode. Redirect to SSL only when it is available. Otherwise, keep using unsecure connection.
      2. Add exceptions from the browser when SSL Enforcer blocks a web site.

      Please feel free to contact us directly if you have any questions or suggestions.

      Thanks!
      Sergey,
      Developer

      1. Alexander said on February 17, 2015 at 5:56 pm
        Reply

        Just add a ONE-CLICK option to allow http connection, white-list is tedious and it is not necessary for such software that only redirects to https.
        it should look like :
        1.Secure alternative: https://
        HTTPS is not available for https://www.wwe.com
        2.Unsecure alternative: http://

        Thanks a lot for the great software, it makes life simple and secure.

    4. Adrian said on November 18, 2014 at 8:12 pm
      Reply

      It doesn’t exactly make it easy to add exceptions.
      Can’t paste into the box provided, let alone right click on address in the log file and add it.

      1. Sergey said on November 20, 2014 at 2:24 am
        Reply

        Good suggestion. We will add this feature in one of the next versions.
        Thanks!

        1. Anonymous said on February 17, 2015 at 5:48 pm
          Reply

          Russians, always making life simple and secure, it is very hard to find an addon for firefox to redirect to https without refreshing the whole page or typing the full url,

          It just needs the option to allow http connection for a site that does not support https,

          1.Secure alternative: https
          HTTPS is not available for https://www.wwe.com

          2. insecure alternative http
          Please make it simple with just ONE click to allow some sites to use http, instead of the tedious white-listing option

          Thanks a lot for the great software

    Leave a Reply