One simple browser setting can help block shady websites

Over the years, browsers like Chrome, Edge, and Firefox have worked harder and harder to block shady websites from users. We get warnings about insecure and dangerous URLs. But, oddly enough, these apps won’t force you to use secure connections (HTTPS) by default.

This type of connection was a major upgrade for security when it launched; nosy individuals could no longer see the exact data passed between a PC (or other device) and a website. Though HTTPS is commonly used, browsers still let you access insecure sites–not the best idea in 2026, where bad actors can easily manipulate traffic transmitted over HTTP.

Google is aware of this reality—its Chrome team announced several months ago that come October 2026, the app will make secure connections the standard. Users must grant permission before an insecure address loads.

But you don’t have to wait six months for that update. You can change your browser’s settings right now. For most people, it’s a smart move—AI is accelerating how fast online threats appear. Better to have the extra protection now.

In Chrome:

• Click on the three-dot menu at the upper right
• Select Settings
• In the left-hand menu, click Privacy & security
• Choose Security
• Under “Secure Connections,” choose Always use secure connections

You can choose between two variations of this mode. The default (“Warns you for insecure public sites”) should be sufficient for most users, and it avoids the hassle of seeing warnings when accessing devices within your home network, like a router administration page.

But if you like to know what’s going on at all times, you can switch to “Warns you for insecure public & private sites.”

In Edge:

• Click on the three-dot menu at the upper right
• Choose Settings
• Search for “HTTPS” in the search bar in the upper right
• Find the result that says Automatically switch to more secure connections with Automatic HTTPS
• Click the toggle to enable the feature

Another way to find this feature: When in Settings, click on the three-line menu in the upper left and choose Privacy, search, and services then click on Security.

In Firefox:

• Click on the three-line (“hamburger”) menu in the upper right
• Select Settings
• Click on Privacy & Security
• Scroll all the way down (almost to the end) and find HTTPS-Only Mode
• Choose Enable HTTPS-Only Mode in all windows

You can choose to step down the level of security to Enable HTTPS-Only Mode in private windows only, but most people will get a bigger benefit to having this setting enabled for all windows. You’ll still be able to visit insecure sites if you must (e.g., a management page for a device within your home network).