Firefox Web Browser and Its Desire to Force HTTPS

ssl_padlockEver since Firefox 14 came out (and future versions), typing in a website address may often force the website to load with HTTPS (SSL) instead of the regular website. This can be a real headache for webmasters, as most homepages are not designed to load fully secure (nor should they, as it makes the page slower to load).

Firefox did this in an attempt to increase security on the web. Unfortunately, many websites have been caught in the crossfire.

Fortunately, there is a simple workaround to reverse this behavior for your website. In your site’s main .htaccess file, add these 3 lines:

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^$ http://www.your_domain.com/ [R=301,L]

The code above simply checks to see if the URL being requested is via HTTPS (SSL), and if they are trying to load your home page (i.e. they just typed www.your_domain.com). If these 2 conditions are true, it will force the browser to load www.your_domain.com without the secure HTTPS version.

The only thing you need to change in the code is www.your_domain.com should be your website address.

That’s it. A simple fix for an annoying problem.  :)

Looking for a web host that understands ecommerce and business hosting?
Check us out today!

2 Comments

  1. Steve says:

    Thanks for the tip, Lex.

    Is there any downside to this .htaccess change?

    and can you tell us where the three lines of code should go in the htaccess file?

    thanks,

    Steve

Leave a Reply to Steve