HTTPS Everywhere is a browser extension that is published by the Electronic Frontier Foundation that improves privacy and security by enforcing the use of the HTTPS protocol on websites supporting it.
It is of specific use when you are connecting to sites or services that support http and https depending on how you access the site and its contents.
Version 5 of HTTPS Everywhere has been released this week to the public introducing thousands of new rules in the program.
A rule defines which resources get redirected to HTTPS automatically when you are connecting to them in your browser of choice.
For instance, even if you don't use a protocol at all to open a site or open an address starting with http:// you are automatically redirected to https:// if HTTPS Everywhere is installed in the browser and a rule for the resource you are trying to access exists.
HTTPS Everywhere works on thousands of sites out of the box. Each version of the extension, available for Chrome, Firefox, Opera and Safari, ships with options to add unsupported websites to the extension's rule set.
If you are using Chrome, you'd click on the HTTPS Everywhere icon in Chrome's interface and select the "add a rule for this site" option from the menu that opens up. Usually, all you need to do next is click on the "add new rule" button to add it. It is possible to override this basic rule with a click on the advanced link in the menu.
There you find options to specify matching regular expressions and the target destination for it.
The new version of HTTPS Everywhere introduces a feature in Chrome that Firefox users had access to for some time (since version 4.0.2 released October 2014): the ability to turn off http access completely.
While that sounds like a great idea at first, it will render sites inaccessible. Which? All sites that don't support https currently.
This could be interesting though if you are using a hardened version of Chrome (or Firefox) for specific tasks such as online banking on the Internet exclusively.
To enable the feature click on the extension button and check "turn on HTTP nowhere" in the menu.
Last but not least, interface translations in 16 new languages are provided now as well.
Interestingly enough, version 5 of HTTPS Everywhere was released on March 23, 2015. A new version of the extension was released just a week later which fixed some broken rulesets and introduced the new Chrome option to block all HTTP requests.
Existing HTTPS Everywhere users are updated to the new version automatically. New users or those who don't want to wait for the update to hit their browsers can download the latest version from the official project website.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.