Disable HTTP support completely. Only ever use HTTPS

How do I prevent Brave from trying http first when you type in a URL without specifying the transport type?

I need it to only ever use https, if https doesn’t load anything that’s fine, but it should never try http at all.

All my other browsers can do this, except for Brave. Is Brave no longer about security and privacy?

1 Like

@smoothflag9792 You never did stop to look in Settings, did you?

1 Like



Thanks, I appreciate the help, but you could have dropped the condescending assumption about me. So, yes, I went through settings before signing up here to see if I could get some help, didn’t realise insults were included… do I pay extra for those? Lol.

I already had Upgrade connection to HTTPS, but I have been looking through settings and did a Google search on “Brave Advanced controls” and have not found anywhere that explains how to show the “Only connect with HTTPS” option.

Checked the flags settings and the only thing that sounded like it might help was “HTTPS Upgrades” which I enabled and relaunched but no change in behaviour.

Any idea how I find that or enable it? Feel free to add another insult if it helps :smiley:.

1 Like

There used to be a setting in brave://settings/security named “Always use secure connections” (HTTPS-Only), but it looks like this has been removed. It appears Brave now relies solely on “Upgrade connections to HTTPS” in brave://settings/shields.

Can you confirm whether you’re still experiencing this issue in Brave Stable Version 1.59.120? In a prior 1.59 version, Brave wasn’t correctly upgrading http:// to https:// even with “Upgrade connections to HTTPS” set to “Strict”, but now it seems to be working again.

It’s a shame Chromium-based browsers don’t allow admins to offer a true HTTPS-Only mode, one that prevents the end user from clicking through the warning as well – an equivalent to the “Allow users to proceed from the HTTPS warning page” Group Policy setting in Edge. But that is more a Google issue than a Brave issue.


Apologize, truly not meant to be condescending. But it did definitely come from a place of annoyance as I had a lot of people posting questions with obvious answers if they spent time to look. I think what really “triggered” me was the “All other browsers do this. Is Brave no longer about security and privacy?”

So rather than seeking help, just seemed to be one of those things complaining and making accusations. In as much feedback you’re giving me, I’d like to suggest you reconsider that for the future. Inserting jabs/quips like that often aren’t productive.

Do keep in mind, I’m not employed with Brave and am just a volunteer. What I should have done though was distance myself a bit more when started to get annoyed. I do apologize in how that came across.

This option is site specific on Shields. So that little lion icon we have in our address bar. When you click on it, you end up with options as in the screenshot below. Whichever option you choose there will change for that site only:

The other image I showed you is from your global settings in Shields. That can be found at brave://settings/shields as PDC mentioned as I was typing this out. If you have that set to Strict, it should serve the same purpose as the one that says Only connect with HTTPS.

1 Like

You’re all good mate. I have thick skin, was just throwing back a bit of shade. After I replied, I thought about it and realised that my smart a** comment at the end probably was a bit unnecessary :), But I was directing that at the software, not the community or a person. However, I accept that was said out of some frustration, so I did put out a bit of negative energy there.

So apology accepted of course, and appreciated. I came back hard, and you could have doubled down, but didn’t. I have helped out in a bunch of forums over the years, so know exactly what you mean about those questions where you wonder if they even tried. lol.

Thanks for the help, I mean that.

I know in Edge (my main browser) if I type in a URL it just tries https, doesn’t bother with http. Same with FF, not sure about Chrome… I rarely spin that up these days.

Hopefully it gets added at some point.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.