Meidokon Wiki
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Useful(?) links

  • furinkan's stuff

  • Postfix snippets

  • SystemInfo

  • This sidebar

Navigation

  • FrontPage
  • RecentChanges
  • FindPage
  • HelpContents
Revision 2 as of 2022-01-11 12:40:21
MeidokonWiki:
  • FirefoxHardening

This is Saj's guide, taken from https://files.slack.com/files-pri/T4Y3623FD-F025LCJ53CJ/firefox-hardening.asciidoc

This is a list of things I do when installing Firefox on a new machine.

Contents

  1. First launch
  2. Preferences
      1. General
      2. Home
      3. Search
      4. Privacy and Security
  3. about:config
  4. Extensions
  5. References

First launch

Navigate to about:profiles and create a new profile with a sensible name. Delete the default profile.

Preferences

General

  • Restore previous session: enabled
  • Warn you when quitting the browser: enabled
  • Ctrl+Tab cycles through tabs in recently used order: disabled
  • Set a minimum font size
  • Allow pages to choose their own fonts: disabled
  • Set languages: fuckoff en-US; replace with actual English
  • Do not open PDFs with Firefox
  • Recommend extensions as you browse: disabled
  • Recommend features as you browse: disabled

Home

  • Web Search: disabled
  • Sponsored Top Sites: disabled

Search

  • Provide search suggestions: disabled
  • Remove Amazon, Bing, eBay

Privacy and Security

  • Enhanced Tracking Protection: Strict
  • Do Not Track: Always
  • Ask to save logins and passwords: disabled
  • Permissions: disable everything
  • Allow Firefox to send technical and interaction data to Mozilla: enabled... for now
  • Allow Firefox to make personalised extension recommendations: disabled
  • Allow Firefox to install and run studies: disabled
  • Allow Firefox to send backlogged crash reports on your behalf: disabled
  • Query OCSP responder servers: disabled
  • Don't enable HTTPS-Only mode

about:config

See link:macos.asciidoc[macos notes] for _High-DPI_ workarounds.

  • accessibility.force_disabled: 1

  • beacon.enabled: false

  • browser.send_pings: false

  • browser.tabs.warnOnClose: false

  • browser.urlbar.trimURLs: false

  • dom.serviceWorkers.enabled: false

  • extensions.pocket.enabled: false

  • geo.enabled: false

  • identity.fxaccounts.enabled: false

  • network.IDN_show_punycode: true

  • network.predictor.enabled: false

  • network.prefetch-next: false

  • ui.contextMenuOffsetHorizontal: 5 (must be created)

  • ui.contextMenuOffsetVertical: 5 (must be created)

  • webgl.disabled: true

If you do not intend to use WebRTC crap (Google Meet et. al.):

  • media.navigator.enabled: false

  • media.peerconnection.enabled: false

Extensions

Cookie AutoDelete

  • Enable automatic cleaning: enabled
  • Set 30s delay before automatic cleaning
  • Enable cleanup on domain change: enabled
  • Enable greylist cleanup on browser restart: enabled
  • Enable IndexedDB cleanup: enabled

  • Enable LocalStorage cleanup: enabled

  • Enable Plugin Data cleanup: enabled
  • Enable Service Workers cleanup: enabled
  • Enable support for Container Tabs: enabled
  • Show notification after automatic cleanup: disabled

Decentraleyes (defaults are fine)

uBlock Origin

  • I am an advanced user: enabled
  • Prevent WebRTC from leaking local IP addresses: enabled
  • Enable all _Built-in_, _Ads_, _Privacy_, and _Annoyances_ filters. Enable _Dan Pollock's hosts file_ filter.

References

  • http://sciops.net/information/technology/firefox

  • https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/

  • MoinMoin Powered
  • Python Powered
  • GPL licensed
  • Valid HTML 4.01
MoinMoin Release 1.9.11 [Revision release], Copyright by Juergen Hermann et al.