When you open a web page currently in the Firefox browser that is using weak cryptography, then you will be redirected to an error page stating that the connection to the page failed.
Mozilla launched the new error page in Firefox 33. Before that, Firefox offered the means to enforce a connection to the site in question.
The reason for the failure to connect is given, for instance "secure connection failed", as is an option to try to connect to the site again or to report the error.
What's not there though is an option to override it. While it is safe to block the connection in these cases, it is problematic that there is no override available.
If you look how Chrome or Internet Explorer handle this, you will notice that they provide overrides to enable users to connect to the site anyway.
This can be useful if you need to sign in to the web interface of a local router for instance that has not received updates in years and is still using cryptography that is considered weak nowadays.
Without an override in place, you would not be able to connect to the interface using Firefox. Mozilla implemented a fallback option in the preferences:
While that makes sense for sites that you connect to regularly, you may not want to add hostnames permanently to the configuration if you only need temporary access.
While you could edit the preference regularly to turn exceptions on or off when the need arises, it may not be comfortable depending on how often you need to make changes to the preference.
Mozilla will make things easier for Firefox users starting with Firefox 44. The organization plans to add an override to Firefox's secure connection error page.
As you can see on the screenshot above, the new error page will feature an advanced button that you may click on to display an option to visit the site that is considered insecure.
Please note that this is a mockup and subject to change. The planned change would allow Firefox users to bypass weak security errors to visit sites in the browser directly.
Up until now, I have used other browsers to connect to these pages instead if I only needed temporary access to them. (via Sören Hentzschel)
Now You: How do you handle insecure connection errors in Firefox?
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.