This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Caută ajutor

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Află mai multe

Acest fir de discuție a fost arhivat. Adresează o întrebare nouă dacă ai nevoie de ajutor.

masses of messages that a site is malicious

more options

In accessing whatever site I get the message connection is not save. The screen covers the other entries like passwords etc. How to get rid of this nonsense! I get the message also when I access my NAS server on my local network !!!!!!!!! You should at least remove this nonsense when I access sites on my local network. E.g.: when I access 192.168.1.88:5000 I get this nonsense. When I choose 192.168.1.88:5001 I get 400 Bad Request The plain HTTP request was sent to HTTPS port nginx If there is no simple solution I quit Firefox

In accessing whatever site I get the message connection is not save. The screen covers the other entries like passwords etc. How to get rid of this nonsense! I get the message also when I access my NAS server on my local network !!!!!!!!! You should at least remove this nonsense when I access sites on my local network. E.g.: when I access 192.168.1.88:5000 I get this nonsense. When I choose 192.168.1.88:5001 I get 400 Bad Request The plain HTTP request was sent to HTTPS port nginx If there is no simple solution I quit Firefox

Toate răspunsurile (2)

more options

Is it a pop up?

more options

First, it's best if you can tell us exactly what the message says.

"Malicious" is a judgment based on data from Google's SafeBrowsing service. I'm pretty sure Google isn't collecting URL data on your NAS.

"Insecure" refers to a HTTP address or a seriously weak HTTPS connection. You simply need to make your own judgment whether that bothers you.

Warnings on Login Forms on HTTP Pages

Firefox 52 introduced a warning on the login form on HTTP sites to remind you that your login is not protected from interception because there is no encryption on HTTP connections -- your username and password are sent out over the network as plain text. Specifically:

  • The warning panel should appear below the user name and/or password field, but depending on the site's styling, it might block the field. In that case, you can clear it by tapping the Esc key.
  • If you previously saved a login for an HTTP site, you have to select your saved username from a drop-down in order to fill your login, rather than having it filled automatically.

See: Insecure connection password warning in Firefox.

If you find this to be too much trouble, you have some options for changing settings to make it work like Firefox 51. Here is an illustration of the effects of the changes, and the step-by-step follows:

To Remove the Warning Panels

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste insec and pause while the list is filtered

(3) Double-click the security.insecure_field_warning.contextual.enabled preference to switch the value from true to false

(4) Assume this login could be easily stolen and avoid re-using it on important sites

To Allow Auto-fill of Username and Password

(5) In the search box above the list, type or paste signon and pause while the list is filtered

(6) Double-click the signon.autofillForms.http preference to switch the value from false to true

(7) Don't forget that's it's an insecure submission (the "slashed" lock in the address bar will still be there was a reminder)