HTTPS Everywhere enhances your Web-browsing security by forcing your Firefox browser to operate in the HTTPS secure encrypted mode. It works invisibly for HTTPS-enabled sites, cooperates with Tor, and allows you to write your own rulesets in XML to better automate the switching of specific sites to their secure version.
Invisible: We installed HTTPS Everywhere almost instantly and were able to enjoy increased HTTPS security for popular sites like Facebook, Twitter, and 500px. We got into the good habit of checking for HTTPS in the address window even when we were not entering sensitive data for online sales.
Rulesets: Despite the add-on's intention to work with minimal user intervention, we used EFF guidelines to write a couple of rulesets for specific sites. We particularly liked the wildcard feature because in a stroke it widened security in deeper sub-domains that might not be normally covered by the default operation.
Speed: Although some additional checking and processing takes place when sites are opened, we did not feel any noticeable delays.
Web limitations: HTPPS Everywhere is severely limited by the reality that many sites do not support HTTPS at all. If this bothers you, then resorting to VPN is inevitable.
Option access: We were not able to access the options, including the ruleset tab, via the dropdown menu of the toolbar icon and had to go instead to the Firefox 29.0 main add-on menu.
HTTPS Everywhere successfully enhances your Firefox browsing security. While it works transparently without your intervention, it allows you to write custom rulesets for better security for particular sites that you frequently use. It is undoubtedly a very helpful tool that is set to evolve as sites and their visitors become ever more security conscious.
Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site.
The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.