[How-To] Install and Configure Force-TLS Security Firefox Add-On

In an earlier article on Technofriends, you learnt about Firesheep and how it can easily let layman do HTTP Session Hijacking. You also learnt about 2 Security Add-Ons which can help you protect yourself from Firesheep. In this article, you will learn how to configure Force-TLS, a Firefox Security Add-On.

Force – TLS when added to your Firefox browser will actually force the browser to establish a secure HTTPS connection to the websites that support it. In this article, I shall take you through simple steps of how to add Force- TLS add-on to Mozilla Firefox browser.

Installing Force-TLS Firefox Add-On

• Download Force-TLS from forcetls.sidstamm.com

• Open the Firefox browser. Click on Tools and select Add-ons from the drop-down menu.

• In the search box, key in “Force-TLS”. Click on the magnifying glass icon and let the system search for the downloaded Force-TLS software.

• Once the search is over, you will see the Force-TLS add-on listed below. Click on Add to Firefox button.

• Now, to install Force-TLS, click Install Now button.

• Once the installation is done, you will be asked to restart the Firefox browser.

• The Firefox browser will close and then re open with a dialog box confirming the installation of the Force-TLS add-on.

• Once you confirm, you will see a message ‘’1 new add-on has been installed”.

How to Configure Force-TLS Add On

• Now that Force TLS add-on is installed, you need to instruct it what site(s) need to force- establish a secure connection.

• For example, if you want to instruct Force- TLS to establish a secure connection with Facebook (www.facebook.com) , follow these steps.

• Open the Firefox browser. Click on Tools and then Force TLS Configuration from the drop-down menu.

• In the Address of the website box, enter www.facebook.com. Click on Add site.

• You will see a confirmation that Facebook.com is added to the list. In this manner, you can addother websites you wish to have a secure connection ( Note: The website you add must support the HTTPS feature to do this).

• Finally, you must verify if a continuous secure connection to Facebook.com is established from your Firefox browser.

• To do that, start accessing your Facebook account. You will notice that the website will start with “https” URL.

• Click on “Home”, “Profile” links on Facebook and you will see “https” instead of http. This way you can verify there is a continuous secure connection established.

Swetha Kalyanee contributed for this article, she is a Freelance Technical Writer (Information Technology) based in Chennai.

Follow me on Twitter at @vaibhav1981 Tagged with: Firefox, Firefox Add On, Firesheep, Force TLS, HTTP, HTTP Session Hijacking, HTTPS Everywhere, security, Session