HTTPS Is Actually Everywhere
Quote:
September 21, 2021
For more than 10 years, EFF’s HTTPS Everywhere browser extension has provided a much-needed service to users: encrypting their browser communications with websites and making sure they benefit from the protection of HTTPS wherever possible. Since we started offering HTTPS Everywhere, the battle to encrypt the web has made leaps and bounds: what was once a challenging technical argument is now a mainstream standard offered on most web pages. Now HTTPS is truly just about everywhere, thanks to the work of organizations like Let’s Encrypt. We’re proud of EFF’s own Certbot tool, which is Let’s Encrypt’s software complement that helps web administrators automate HTTPS for free.
The goal of HTTPS Everywhere was always to become redundant. That would mean we’d achieved our larger goal: a world where HTTPS is so broadly available and accessible that users no longer need an extra browser extension to get it. Now that world is closer than ever, with mainstream browsers offering native support for an HTTPS-only mode.
With these simple settings available, EFF is preparing to deprecate the HTTPS Everywhere web extension as we look to new frontiers of secure protocols like SSL/TLS. After the end of this year, the extension will be in “maintenance mode.” for 2022. We know many different kinds of users have this tool installed, and want to give our partners and users the needed time to transition. We will continue to inform users that there are native HTTPS-only browser options before the extension is fully sunset.
|
Quote:
|
Follow the steps below to turn on these native HTTPS-only features in Firefox, Chrome, Edge, and Safari and celebrate with us that HTTPS is truly everywhere for users.
|
The worst case scenario for non-https:// sites with visitors using these https-only browsers would be losing traffic because the sites are completely blocked. The best case scenario for non-https:// sites with visitors using these https-only browsers would be visitors getting warning pages and higher bounce rates. Putting aside any higher SERP benefits that competitor sites receive for using https:// , SERPs for non-https:// sites will drop due to higher bounce rates.