Mozilla Firefox is considered by many experts to be the best browser out there. It combines powerful user privacy protection features with a high level of security and regular updates. The latest version of Firefox is fast and includes a whole host of features to help you surf the Internet privately and securely.
Another great thing about Firefox is that it’s highly customizable, which is the reason for creating this guide. Below we will take a closer look at how a user can change Firefox settings so that the browser provides a high level of security and privacy, while remaining comfortable for browsing the web.
But before we get to the point, let’s take a look at some important information about setting up Firefox.
There are many factors to consider when configuring Firefox to suit your needs, including your threat model and browsing preferences. In other words, there is no "universal" configuration that will suit everyone. This guide is an overview of the features that can be used for various browser configuration options.
Before you start changing Firefox settings and installing a bunch of different add-ons, it’s important to know what Browser Fingerprinting is.
The topic of Browser Fingerprinting is relevant because it includes various ways to track and identify a user using his browser and the selected settings. All add-ons you install on your browser and settings changes you make to Firefox are inputs that can potentially be used to identify and track your activity.
This is the catch-22: the more add-ons you install and the more you change your browser settings, the more likely you are to stand out from the crowd and be easier to track. There are special programs to solve this problem – and the latest version of Firefox includes third-party tracking protection features and hides your Browser Fingerprinting.
More is not always better
When we talk about browser add-ons, don’t be like a kid who puts any possible dope in his ice cream. More is not always betterif we are talking about the number of extensions for the Firefox browser.
Having too many add-ons can slow down the performance of the browser and cause it to crash. Many popular Firefox extensions perform the same functionality and are redundant when used together.
Therefore, it is better to keep a balance. Install plugins and change only those parameters that you think will help in a particular case.
Changing some settings can drastically change the way you browse the web and cause some websites to fail to load. Thus, incremental changes to the settings are the best approach to modifying the browser. You can continue to install add-ons and change settings as long as you make sure that past modifications have taken effect and work correctly.
It is possible to add sites to the list of exceptions – they will not use the plugins you installed.
Firefox privacy settings
Before using Firefox, you may want to change the settings below to improve your privacy.
Note: If you are a macOS user, you will see the word " Preferences " in your menu, not " Options " as mentioned below.
Firefox shares "technical and user activity data" with Mozilla by default. This includes the ability to conduct various kinds of research, among which is the analysis of the activity of your PC. You can learn more about this kind of research here. In addition, there is also a page that talks about Mozilla’s data collection practices . In any case, we recommend that you disable these features.
To do this, navigate to the following path: " Settings " > " Privacy and Security " > " Firefox Data Collection and Use ". Then uncheck the options as shown in the picture below.
You can also turn off telemetry in your Android browser by going to the following path: " Settings " > " Privacy and Security " > " Data Collection " and then unchecking all three options.
Note: You can disable telemetry in the " About: Config " settings in the toolkit.telemetry.enabled parameter, which should be set to " False ".
Changing the default search engine
Firefox currently uses Google as its default search engine, but you can use other private search engines instead.
To do this, go to the following path: " Settings " > " Search " > " Default search engine ". Firefox doesn’t provide many alternatives to the user directly in the settings area. However, you can view additional options by going to the Search Engines section and then selecting the Find Other Search Engines option to view the available alternatives.
Firefox has even published a guide to changing search engine settings.
Firefox content blocking
Another great feature of Firefox is blocking inappropriate content. This customizable option will automatically block any content that might track your activity and the sites you visit. There are three data filtering modes: standard, strict and personal. You can block:
- "Browser Fingerprints"
To configure content blocking settings in Firefox, go to the following path: " Settings " > " Privacy and Security " and then select the mode you want to use.
Standard mode is a great option for everyday use. Firefox warns that strict mode can cause certain sites to fail when loading.
Disable content blocking for specific sites
You can easily disable content blocking on trusted sites. Just enter the URL of the resource, and then click on the " i " icon to the left of the address bar and click on the gray button to stop blocking content.
Another benefit of Firefox’s content blocking feature is that the browser allows you to save your input and automatically increases page loading speed.
"Do Not Track" request
Firefox can also send a request to sites not to track your activity. This is done very simply: a special field is added to the HTTP header. However, the key point when discussing this feature is that it does not, in fact, block tracking. Many websites simply ignore such requests.
Among other things, this feature can make your browser footprint on the web more visible. Therefore, we recommend turning it off so as not to attract additional attention.
You can learn more about the Do Not Track request by clicking here.
In addition to the settings in the main menu that we talked about earlier, you can also make a number of different changes by opening the About:config section.
Note. If you have made all the above changes to your browser settings, you will be able to see that the status of some settings has already been updated in the "About:config" menu as well. Next, we will also talk about how you can configure Firefox directly from this section. Some options will be repeated as there is a whole group of users who change system settings directly from the About:config menu .
To access these settings, type " about:config " into the URL bar and press the " Enter " button. You will see the inscription ” Proceed with caution ", you should select the option ” Accept the risk and continue ” to start changing browser settings.
After that, you will see a large list of settings, each of which has a status, type and value.
The available options are listed in alphabetical order. In addition, at the top of the page you will find a search bar, with which you can instantly find the option you need.
You can change any browser setting by double-clicking on it with the left mouse button. If the option is of boolean type, then double-clicking will change its value to " True " or " False ". If the option is of type " Integer " or " String ", then double-clicking will open a special field for changing its value.
Below are the settings we think should be changed.
The Web Real-Time Communication (WebRTC) feature allows users to make video calls, make voice calls, and send files over a P2P network. Unfortunately, using this option may expose your real IP address via STUN requests, even if you are using a good VPN service. A similar problem is called a WebRTC data leak.
To disable the WebRTC option in Firefox, type " media.peerconnection.enabled " into the search bar and then double click on the found option to change its value to " False ".
In addition to Firefox, the WebRTC vulnerability affects other Chromium -based browsers such as Chrome, Opera, Brave, as well as Safari.
privacy.resistFingerprinting = true
Changing this setting to True will help make Firefox’s footprint less visible on the web.
Note. There are many factors that affect the size of a browser fingerprint and the ability to accurately identify you. This is just one way to reduce your footprint on the web.
privacy.trackingprotection.fingerprinting.enabled = true
Another feature that helps keep you private and reduces your browser fingerprint.
privacy.trackingprotection.cryptomining.enabled = true
With its help, the user can block the use of cryptominers on websites.
privacy.firstparty.isolate = true
Changing this feature to True will isolate cookies for the First Party domain, which prevents your activity from being tracked on other domains. This isolation affects many components: Cookies, cache, HTTP authentication, DOM storage, Flash Cookies, SSL and TLS session resumption, Shared Workers, BLOB URIs, SPDY and HTTP/2, automatic cross-origin redirection, window.name, auto-completion of forms, HSTS and HPKP supercookies, broadcast channels, OCSP, favicons, media resource URIs, speculative and prefetched connections.
This option was first added in late 2017 as part of the Tor Uplift project .
privacy.trackingprotection.enabled = true
Built-in tracking protection from Mozilla. For its correct functioning, the Disconnect.me filter list is used. Needless to say, it might even be redundant if you’re already applying uBlock Origin filters .
geo.enabled = false
By setting this parameter to False, the user will not be able to track his location, information about which can be requested by the site he opened. As Mozilla explains, this option is enabled by default. The browser uses Google’s location service to calculate your geolocation. To do this, Firefox sends to Google:
- your computer’s IP address;
- information about nearby Wi-Fi points;
- a random client ID assigned by Google (expires every two weeks).
Before the data is sent to Google, you will receive a request from the site you are visiting. Therefore, you can still be in control even if your location is being tracked.
By setting this parameter to False, you will prevent websites from accessing your microphone and camera.
This is an option of integer type with different value options. There are several options for cookie values:
- 0 = Accept all cookies by default.
- 1 = Only accept cookies from a specific site (block third-party cookies)
- 2 = block all cookies by default
- 3 = block cookies from previously unfamiliar sites
- 4 = New Cookie Storage Policy (prevent trackers from accessing storage)
To increase your privacy level, set a value between 1 and 4. For example, a value of 4 will give you full tracking protection, but it can also cause certain sites to fail to load. You can read more about this here.
This is another integer type option and should be set to 2. It allows the user to decide when cookies are deleted. The following options are possible:
- 0 = always accept cookies;
- 1 = All Cookies must be approved
- 2 = Only accept cookies during the current session
- 3 = accept cookies for N-number of days
If set to 2, the websites you visit should open without any problems. All cookies will be automatically deleted after the session ends.
network.dns.disablePrefetch = true
By setting this parameter to True, the user will prevent Firefox from "prefetching" DNS. While activating this feature may improve page loading speed, it also comes with some risks, which are described in this article.
network.prefetch-next = false
Similar to DNS prefetching, setting this to False will give you the option to prevent Firefox pages from being prefetched . Mozilla has added this feature to speed up the loading of web pages that you frequently visit. However, its use poses a threat to your privacy. A vivid example of how privacy has to be sacrificed in order to improve the quality of the browser.
webgl.disabled = true
Using WebGL is a potential security risk, so it’s best to disable this feature by setting webgl.disabled to True. Another problem with WebGL is that this option can be used to track your phone’s activity.
dom.event.clipboardevents.enabled = false
With this feature, you prevent websites from being notified when you copy, paste, or cut from their pages.
This option disables automatic playback of DRM-related HTML5 content. You can read more about this here.
Firefox Safe Browsing Settings
Many experts recommend disabling Firefox’s Safe Browsing feature due to privacy concerns and potential Google tracking. However, such concerns are not relevant – they were based on older versions of the browser that used "real-time URL search". This method has not been used since 2011.
When searching for a specific URL, Firefox takes the following precautions to protect user privacy (according to François Marie, Mozilla security engineer):
- Query string parameters are stripped from URLs, which are themselves further checked as part of the base security feature.
- The Safe Browsing Cookies are stored separately so they don’t get mixed up with other Standard Browsing Cookies.
- When requesting the full hash for a 32-bit prefix, Firefox adds a few extra "noise components" to further obfuscate the original URL.
Therefore, we have come to the conclusion that disabling Safe Browsing will not give you any tangible privacy benefits, and will also create an additional security risk. However, if you still want to disable this feature, you can do so in the " about:config " menu:
- safebrowsing.phishing.enabled = false
- safebrowsing.malware.enabled = false
High-level privacy and security extensions in Firefox
There are several great add-ons for the Firefox browser that provide a high level of user privacy and security.
Note. When looking for extensions for Firefox, keep in mind what changes you have already made to your browser settings. Some of them may be redundant, overload the program and lead to errors in work.
Combined with the settings changes above, we recommend that you install the following extensions to improve your privacy level:
- uBlock Origin
- HTTPS Everywhere
All three extensions are in addition to the settings listed above, are easy to use, and probably won’t break websites you visit regularly.
It is worth mentioning separately one more worthwhile addition – Cookie AutoDelete. However, if you have already changed your cookie settings in the "about:config" menu (as described above), then you will not need it.
uBlock Origin is an effective plugin that blocks both ads and trackers. It has gained popularity as a decent alternative to Adblock Plus, allowing it to host "acceptable ads" that many users don’t like. One of the bonuses of uBlock Origin is that the add-on can significantly improve browser performance and web page loading speed.
In addition, in uBlock Origin, the user can whitelist certain websites. Considering that many resources deny access to them if they detect an ad blocker, the option to whitelist a site will definitely come in handy. uBlock Origin is free and open source.
HTTPS Everywhere is a great Firefox add-on. It establishes an HTTPS connection to the websites you visit, as long as HTTPS is available for them.
Fortunately, more and more websites are adopting HTTPS technology. However, HTTPS Everywhere is still a useful extension to use in Firefox.
You can get more information about HTTPS from the Electronic Frontier Foundation, which is responsible for creating this program.
Decentraleyes is an interesting Firefox add-on that protects you from being tracked by content delivery networks operated by third parties. While CDNs do help improve page loading speed and browser performance, they are usually offered for free by third parties that use the data they collect to track your online activity. Among such companies that are trying to get information about you are Google, Microsoft, Facebook, Cloudflare, Yandex, Baidu, MaxCDN.
Decentraleyes solves your privacy problem by hosting CDN resources locally. As described in their own GitLab repo, Decentraleyes "intercepts traffic, finds relevant resources locally, and injects them into the environment ", thereby preventing CDN users from being tracked.
You will not need this add-on if you have made the above changes to your settings to automatically delete cookies after your session ends.
However, if you prefer using add-ons instead of making changes to your browser settings, then AutoDelete Cookie is a great choice. The extension removes cookies that you no longer need, thereby protecting the user from tracking.
Privacy Badger is another add-on from the Electronic Frontier Foundation that blocks ads and trackers. One of the downsides of the extension is that it only blocks third-party sites. For example, Google Analytics sites will not be blocked. Another disadvantage of Privacy Badger is that the plugin doesn’t actually use the filter list. Instead, it mostly learns as you apply it.
It’s worth noting that Privacy Badger is very easy to use and goes a long way in providing a high level of privacy while browsing the web. It can be used in combination with uBlock Origin, although there are some similarities in terms of functionality.
uMatrix is an advanced add-on that gives you control over queries that can track activity on the sites you visit. It was developed by the same people behind uBlock Origin. One of the advantages of uMatrix is that the extension is very easy to customize for a specif