Following Google's announcement of Chrome, the Mozilla Foundation is preparing by Firefox 60 and all newer browser versions, two new options that will mark HTTP websites as "not secure" in the browser's address bar.
It's obvious that the HTTPS protocol is being promoted across the web, and that the major browser manufacturers support the idea.
As mentioned earlier, Google announced this week that it intends to point out that all HTTP sites are unsafe by Chrome 68. The browser is scheduled to be released in the middle of 2018.
It's currently unclear when Firefox will start marking HTTP sites as unsafe, but we do know that from version 60 of Firefox will bring two options to help with this functionality.
Note that Firefox 60 will be the next version of ESR (from Extended Support Release)
Below you will see how to configure these options (Firefox 60 or later version required):
Open the inner page:
about:config?=security.insecure_connection_text.enabled
Double-click to enable it.
Open the inner page:
about:config?=security.insecure_connection_text.pbmode.enabled
Double-click to enable it.
These settings they will add the "not secure" flag to websites that use the HTTP protocol.
The pbmode.enabled setting will add the same flag to display "not secure" on pages using HTTP in private browsing mode.
Adoption of the HTTPS protocol is expected to improve greatly in 2018, and one reason is that browser manufacturers will finally begin to label HTTP pages as "unsafe".
So all website owners who want to have a decent and secure page should adopt the HTTPS.