If you use Mozilla Firefox and are using development websites with self-signed certificates, expired certificates or just don't care about legitimate SSL/TLS certificates, you will see warnings because Firefox has by default enabled https-only websites from being accessed. This blog post shows how to disable those warnings for whitelisted websites.
Steps to disable "Potential Security Risk Ahead" warning in Firefox
Table of Contents
Scenario
You are accessing a development website on a remote server that does not have a valid SSL certificate
Or maybe, you have a development website running off your local web server and may or may not have SSL certificates for it.
A third scenario is where you are accessing a remote website which has expired SSL/TLS certificates and you have to access this http-only unsecure website, and you don't care about Man in the Middle Attack (MITM) or sniffing.
In all these cases, you may be presented with this warning when accessing the website:
Warning: Potential Security Risk Ahead Firefox detected a potential security threat and did not continue to aruljohn.beta. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.
Firefox Warning: Potential Security Risk Ahead
As an alternative, you have the option of using Google Chrome.
Or else, if you want to use Firefox, this blog post is for you.
Disable this warning in Firefox
In our example, we will disable the warning for the website aruljohn.beta
Go to Firefox browser, click on Firefox and > Settings
In the left panel, select Privacy & Security
Firefox Privacy and Security
Under Privacy & Security, scroll down to the Security section. Find the Certificates section.
Firefix View Certificates
In the Certificates subsection, click on View Certificates
Firefox Certificate Manager
Click on Add Exception and enter the website URL as it is. Include any ports, if necessary.
In my case, I was running my website on my local Nginx web server as aruljohn.beta, and on port 8080. That's why I entered https://aruljohn.beta:8080. My local website is self-signed, but you don't even need to have self-signed certificates to disable HTTPS on Firefox this way.
After that, click on Get Certificate. If the website actually exists, you will get a message with a Confirm Security Exception prompt. Click on it. If you have been successful so far, your Certificate Manager screen will look like this.
Firefox Certificate Manager - List of Websites
If you have more websites with self-signed SSL certificates and want to add them, you can repeat the process for each website.
Conclusion
I hope this blog post was useful to you. Please make sure that you do not disable HTTPS on all websites or any important websites. These steps are only meant for your development websites or any website that does not have any important information.
Do NOT enter any important information that you value in a website that does not have a proper SSL/TLS certificate. Thanks for reading.
Related Posts
If you have any questions, please contact me at arulbOsutkNiqlzziyties@gNqmaizl.bkcom. You can also post questions in our Facebook group. Thank you.