Scribd
Upload
859 views3 pages

Firefox About Config Privacy and Security Settings

This document provides a list of privacy and security-related configuration settings that can be modified in the Firefox about:config interface. It summarizes over a dozen settings that disable features like link prefetching, DNS prefetching, sending referrer information, telemetry pings, geolocation, and others. The settings are provided to help harden Firefox privacy and security, but some may negatively impact performance or usability.

Uploaded by

edijhon5815
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
859 views3 pages

Firefox About Config Privacy and Security Settings

This document provides a list of privacy and security-related configuration settings that can be modified in the Firefox about:config interface. It summarizes over a dozen settings that disable features like link prefetching, DNS prefetching, sending referrer information, telemetry pings, geolocation, and others. The settings are provided to help harden Firefox privacy and security, but some may negatively impact performance or usability.

Uploaded by

edijhon5815
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Firefox about:config privacy and security settings

November 4, 2014
Below are some configuration settings you may consider enabling in Mozilla Firefox in
about:config for privacy and security reasons. This list is not meant to be exhaustive and
generally does not list entries that can easily be set via the options or preferences menu. Some
of these settings have a negative performance impact or remove functionality. Also keep in
mind that the further you take your Firefox configuration away from the norm, the rarer your
Firefox setup might become and therefore ironically enough, the more identifiable your
system may be (see https://panopticlick.eff.org/ for details) and so we recommend reviewing
the list below and setting those that make sense for your scenario. This list was created using
Firefox v33.
Begin by typing about:config in the Firefox location bar, then search for the following:
network.prefetch-next

Set it to false to disable. Link prefetching can be used by web sites to give web browsers hints
about which pages are likely to be visited so that the browser can download them ahead of
time, with the goal of improving performance. There is no same-origin restriction for link
prefetching. According to this FAQ, "prefetching will generally cause the cookies of the
prefetched site to be accessed".
network.dns.disablePrefetch

Set it to true to disable. Similar to above, this feature allows Firefox to perform DNS
resolution proactively.
network.http.sendRefererHeader

Set it to 0 to prevent Firefox from ever sending the HTTP referer, however this is known to
break certain web sites that check for the referer. Therefore an alternative to specifying this
setting would be to install the Refcontrol add-on which allows you control the referer and
specify per-site exceptions. You may also wish to review the setting
network.http.sendSecureXSiteReferrer.
browser.send_pings

Set it to false to disable. According to MozillaZine: "If you are concerned about privacy and
have already turned off referrer sending and JavaScript, you may want to set this preference
to false". If you decide to keep browser.send_pings enabled, then you may wish to review
browser.send_pings.require_same_host as well.
beacon.enabled

Set it to false to disable. As per the W3C Editor's Draft, part of the reason for the Beacon
specification is for "analytics".
geo.enabled

Set it to false to disable. This feature enables location-aware browsing. Although when this
feature is enabled Firefox prompts you on whether you wish to share your location, setting
geo.enabled to false permanently turns off this prompt.
general.useragent.override

Set it to any string you wish in order to override the default Firefox HTTP user agent string.
You may need to create this entry first by right-clicking in the list of preferences and selecting
New | String. Note that depending on which user agent string you specify, this will greatly
change your browsing experience for certain web sites, and also keep in mind that certain
fields in the HTTP headers can betray the actual underlying user agent that is being used.
webgl.disabled

Set it to true to disable. If you do not need this functionality, you should disable it in order to
reduce your attack surface. See this SANS ISC entry for details.
pdfjs.disabled

Set it to true to disable. This will disable the built-in PDF reader thus reducing your attack
surface, assuming of course you are not going to load the PDFs in a more vulnerable PDF
reader.
plugins.notifyMissingFlash

Set it to false if you did not install the Adobe Flash plugin for Firefox, which is becoming
more feasible with the shift towards HTML5. This will stop causing Firefox to prompting you
to install Adobe Flash when detecting Flash content.
security.cert_pinning.enforcement_level

Can be set any value from 0 to 3 to control certificate pinning behavior (0 disables it, which
we do not necessarily recommend). Review this page to confirm the best setting for you. Note
that setting it to 2 may interfere with certain security solutions.
security.tls.version.min

Set it to 1 to disable SSLv3 entirely, and higher to make TLSv1.1 or 1.2 the minimum version
to use. But this will no longer be necessary with Mozilla planning on disabling SSLv3 in the
upcoming Firefox 34 in order to mitigate against the POODLE attack.
network.IDN_show_punycode

Set to true to have Firefox display internationalized domain names in Punycode instead of in a
language-specific script. Only set this if properly rendering IDNs is a feature you do not
desire.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy