diff --git a/.travis.yml b/.travis.yml
index 6b7e347c9996..9e0cafbd7e5e 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -32,5 +32,6 @@ before_script:
   - export FIREFOX=$PWD/firefox/firefox
 script:
   - ./test.sh
+  - test/travis-ruleset-fetch.sh
 sudo: required
 dist: trusty
diff --git a/install-dev-dependencies.sh b/install-dev-dependencies.sh
index a68ab61b5b97..d1c3b2f928f5 100755
--- a/install-dev-dependencies.sh
+++ b/install-dev-dependencies.sh
@@ -38,5 +38,5 @@ cd test/chromium
 pip install --user -r requirements.txt
 cd -
 
-# Install a hook to run tests before pushing.
+# Install git hook to run tests before pushing.
 ln -sf ../../test.sh .git/hooks/pre-push
diff --git a/test/rules/http.checker.config b/test/rules/http.checker.config
new file mode 100644
index 000000000000..8d268e4ff108
--- /dev/null
+++ b/test/rules/http.checker.config
@@ -0,0 +1,33 @@
+# Config for checking connections of non-default_off rules
+# without checking coverage.
+[rulesets]
+# Directory with XML files describing HTTPS Everywhere rulesets
+rulesdir = src/chrome/content/rules
+check_coverage = false
+auto_disable = false
+include_default_off = false
+
+[certificates]
+# Certificate trust anchors for checking chains in HTTPS connections
+basedir = test/rules/platform_certs
+
+[http]
+user_agent = Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 Firefox/36.0
+enabled = true
+connect_timeout = 10
+read_timeout = 15
+redirect_depth = 10
+threads = 40
+fetch_in_subprocess = false
+
+[log]
+logfile = -
+loglevel = info
+
+[thresholds]
+metric = markup
+max_distance = 0.1
+
+[debug]
+graphviz_file = HTEC_trie.dot
+exit_after_dump = true
diff --git a/test/travis-ruleset-fetch.sh b/test/travis-ruleset-fetch.sh
new file mode 100755
index 000000000000..ab877d24ab00
--- /dev/null
+++ b/test/travis-ruleset-fetch.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+# Run https-everywhere-checker for each changed ruleset
+
+# Folder paths, relative to parent
+RULESETFOLDER="src/chrome/content/rules"
+RULETESTFOLDER="test/rules"
+
+# Go to git repo root; taken from ../test.sh. Note that
+# $GIT_DIR is .git in this case.
+if [ -n "$GIT_DIR" ]
+then
+  # $GIT_DIR is set, so we're running as a hook.
+  cd $GIT_DIR
+  cd ..
+else
+  # Git command exists? Cool, let's CD to the right place.
+  git rev-parse && cd "$(git rev-parse --show-toplevel)"
+fi
+
+# Fetch the current GitHub version of HTTPS-E to compare to its master
+git remote add upstream-for-travis https://github.com/EFForg/https-everywhere.git
+git fetch upstream-for-travis master 
+RULESETS_CHANGED=$(git diff --name-only upstream-for-travis/master | grep $RULESETFOLDER | grep '.xml')
+git remote remove upstream-for-travis
+
+# Only run test if something has changed.
+if [ "$RULESETS_CHANGED" ]; then
+  echo >&2 "Ruleset database has changed. Testing test URLs in all changed rulesets."
+
+  # Make a list of all changed rulesets, but exclude those
+  # that do not exist.
+  for RULESET in $RULESETS_CHANGED; do
+    # First check if the given ruleset actually exists
+    if [ ! -f $RULESET ]; then
+      echo >&2 "Skipped $RULESET; file not found."
+      continue
+    fi
+    TO_BE_TESTED="$TO_BE_TESTED $RULESET"
+  done
+
+  if [ "$TO_BE_TESTED" ]; then
+    # Do the actual test, using https-everywhere-checker.
+    TESTOUTPUT=$(python $RULETESTFOLDER/src/https_everywhere_checker/check_rules.py $RULETESTFOLDER/http.checker.config $TO_BE_TESTED 2>&1)
+    echo >&2 "$TESTOUTPUT"
+    # Unfortunately, no specific exit codes are available for connection
+    # failures, so we catch those with grep.
+    if [[ "$TESTOUTPUT" =~ "ERROR" ]]; then
+      echo >&2 "Test URL test failed."
+      exit 1
+    fi
+  fi
+  echo >&2 "Test URL test succeeded."
+fi
+
+exit 0