Mozilla Firefox is arguably the best browser, combining powerful privacy protection, good security, proactive development and regular updates. The latest version of Firefox is fast, lightweight, and contains a lot of settings to protect your privacy.
For this reason, I think Firefox is the best privacy and security browser. It’s still a reliable alternative to other options like Google Chrome, Microsoft Edge and Safari.
Another important aspect of Firefox is that it is highly customizable , which is the focus of this guide. Below we will show you how to customize Firefox to provide you with the security and privacy you need while still being able to perform daily browsing.
But before we get in, let’s introduce some important details.
There are many factors to consider when configuring Firefox to meet your needs, including threat models and browsing preferences. In other words, there is no “one size fits all” configuration for everyone. This guide is a basic overview that covers a few different configuration options.
Before you start configuring Firefox and installing a bunch of add-ons, it’s important to consider browser fingerprinting.
Problem browser fingerprints (or device fingerprints) are a big topic that covers all the different ways you can track and identify your system and various settings. All the different add-ons you install and the preference changes you make to Firefox are available to identify and track your input.
This is catch-22 : The more browser plugins you install, the more settings you make, the more unique you are, making it easier to track and identify. I discussed this in depth in the browser fingerprinting guide – and also provided a solution.
This leads us to the second point…
More is not always better
When it comes to browser add-ons and modifications, you don’t want to be like a child who puts everything he imagines on his ice cream. It works better when using ice cream ingredients or using the Firefox browser plugin.
In addition to browser fingerprinting issues, having too many add-ons can also degrade performance. Many popular Firefox add-ons can also implement the same functionality and are redundant when used together .
Therefore, it is best to take a balanced approach. Just install and modify what you think is useful and necessary for your situation, and that’s it.
Modifying some of these settings may interfere with your browsing and damage certain sites (sites don’t load properly). So taking an incremental approach is probably the best approach. You can continue to install add-ons and adjust settings as you can see how it works for sites you visit frequently.
This allows you to modify settings, create exceptions, or add sites to the whitelist.
Firefox privacy settings
Before you start using Firefox, you may need to adjust the following settings for better privacy.
Note: If you are a Mac OS user, you will see the word “Preferences” in the menu instead of “Options” as shown below.
Use the latest version of Firefox, which is configured to share ” technical and interactive data ” with Mozilla . This includes the ability to ” install and run research ” on your computer . You can learn more about these research and data collection practices if needed, but I recommend that you disable these settings.
To disable go to the Open menu (three bars in the top right corner of the browser) > Options > Privacy & Security > Firefox Data Collection and Use , then uncheck the box below:
You can also disable Firefox for Android data sharing by going to Menu > Settings > Privacy > Data Selection and unchecking all three categories of Telemetry, Crash Report and Mozilla Location Services.
Note: You can also disable this feature by setting toolkit.telemetry.enabled to false in the About: configuration settings .
Change the default search engine
Firefox now uses Google as the default search engine, but you can use other private search engines.
To do so, go to Menu > Search > Default Search Engine . Unfortunately, Firefox doesn’t offer you too many options directly in the settings area. However, you can view more options by going to the Click Search Engine and clicking Find More Search Engines to see additional options.
Startpage seems to be a great choice to give you good results and still respect your privacy.
Firefox also provides guidelines for modifying search engine settings.
Enable tracking protection
With a newer version of Firefox, you can now enable tracking protection to keep it active, not just in private browsing mode. To do so, go to Menu > Options > Privacy & Security > Track Protection and click Always .
You can also enable tracing protection in Firefox for Android by going to Menu > Settings > Privacy > Tracking Protection and clicking the Enable box.
This can also improve browser performance.
Not tracking (request)
Firefox also has the option to request that the site “do not track” your online status. This is just an HTTP header field that you can easily enable. However, the keyword here is the request , because this does not actually prevent anything. We also learned that many websites ignore these requests .
On the positive side, there are some sites that respect not tracking requests. To enable the “do not track”, just go to ” Menu” > ” Options” > ” Privacy and Security” > ” tracking protection” , and then “Send the site a” “do not track” signal … Under Select ” Always” .
You can enable this feature in Firefox Android by going to Menu > Settings > Privacy > Do not track .
Now we will go into the about:config setting.
Firefox About: Configuration Settings
In addition to the general menu settings we used above, you can also make many different modifications using about:config.
Note: If you made all of the above changes, you may notice that some of these settings have been updated in about:config. We’ll cover the different about:config because some people prefer to modify the settings in this area instead of going through the general menu.
To access these configuration settings, simply type about:config in the URL bar and press Enter. A warning screen will appear, stating “This may void the warranty.” Just click ” I accept risk ” to continue.
After continuing, you will see a large number of preferences, each of which contains status, type and value.
These preferences are listed in alphabetical order and can be easily searched from the search bar near the top.
Modify your preferences – just double-click on the preference name to modify any of these Firefox preferences. If the preference is of type “Boolean”, double-click to change the value to true or false. If the preference is of the “integer” or “string” type, double-clicking will open a box to change the value.
WebRTC stands for “Web Real-Time Communication”, which allows voice, video chat and P2P sharing via a browser. Unfortunately, even if you are using a VPN service, this feature can request your public IP address to be published via the browser STUN .
To disable WebRTC in Firefox, simply enter media.peerconnection.enabled into the search bar and double-click the value to change it to false .
Note – In addition to Firefox, the WebRTC vulnerability affects Chrome, Opera, Brave and other Chromium-based browsers. Check out the WebRTC leak guide for steps to block or disable WebRTC in all browsers.
Changing this preference to true will help make Firefox more resistant to browser fingerprinting.
Note: There are many factors in browser fingerprinting and the ability of your opponent to identify you. Another option is to use the Tor browser, which is discussed further here.
Changing this to true isolates the cookie from the first-party domain, preventing tracking across multiple domains. First-party isolation is also definitely not an isolated cookie, it affects: cookies, caching, HTTP authentication, DOM storage, flash cookies, SSL and TLS session recovery, shared workers, a drop of URI, SPDY and HTTP/2, automated cross Domain redirection, window.name, autofill, HSTS and HPKP supercookies, broadcast channels, OCSP, favicons, mediasource URI and Mediastream, speculative and prefetch connections.
As part of the Tor Uplift project, this preference increased at the end of 2017.
Setting this to false will disable geo-tracking, which may be requested by the site you are visiting. As Mozilla explains, this preference is enabled by default and uses Google Location Services to determine your location. In order to do this, Firefox sends Google:
- Your computer’s IP address
- Information about Nearby Wireless Access Points
- Random client identifier, assigned by Google
Before sending this data to Google, you will first receive a request for the website you are visiting. Therefore, you can control this even if the geo remains enabled.
Setting this preference to false will prevent websites from tracking the device’s microphone and camera status.
This is an integer type preference with different values. The following are the cookie preference options:
- 0 = accept all cookies by default
- 1 = Receive only from the original website (blocking third party cookies)
- 2 = Block all cookies by default
- 3 = Block cookies from unvisited websites
- 4 = New Cookie Jar policy (blocking storage access to the tracker)
Any choice between 1 and 4 will improve privacy. The new Cookie Jar policy (value 4) provides more protection, but it can also disrupt the functionality of certain websites. Ghacks discussed the new cookie jar policy here.
This is another integer type preference that you should set to a value of 2 . This preference determines when cookies are deleted. Here are the different options:
- 0 = accept cookies normally
- 1 = prompt for each cookie
- 2 = only accept the current session
- 3 = accept N days
A value of 2, the website you visit should have no problems, all cookies will be automatically deleted at the end of the session. You can get more information about this preference from the Mozilla Knowledge Base.
Setting this preference to true will disable Firefox “prefetch” DNS requests. While advanced domain name resolution may slightly increase page load speed, it can also expose you to privacy and security threats, as described in this white paper.
You can get more information about this preference here.
Network.prefetch – the future
Similar to the prefetch DNS request above, setting this preference to false will prevent Firefox from prefetching the page. Mozilla has deployed this feature to speed up the pages you might visit. However, it runs out of resources and poses a risk to privacy. This is another example of performance at the expense of privacy.
You can get more information about network.prefetch here.
WebGL is a potential security risk, so it’s best to disable it by setting webgl.disabled to true . Another problem with WebGL is that it can be used with fingerprint devices.
Description of Safe Browsing preferences
Due to privacy issues and potential Google tracking, there are many suggestions to disable Safe Browsing in Firefox. However, these issues are based on the old version of Safe Browsing, which takes advantage of the “real-time lookup” of the website URL. This method has not been used since 2011 – further explained here.
If a URL is required, Firefox will take the following precautions to protect user privacy, as explained by Mozilla security engineer François Marier:
- The query string parameter will be removed from the URL we checked as part of the download protection feature.
- Cookies set by the Safe Browsing Server to protect services from abuse are stored in separate cookie jars so that they are not mixed with regular browsing/session cookies.
- When requesting a full hash of a 32-bit prefix, Firefox introduces some additional “noise” entries to further confuse the original URL.
Therefore, I will conclude that disabling Safe Browsing will bring you invisible privacy rights and also pose a security risk. Having said that, if you still want to disable this feature, please follow these steps:
- Browser.safebrowsing.phishing.enabled = false
- Browser.safebrowsing.malware.enabled = false
Firefox Privacy and Security Add-ons
There are some great Firefox browser plugins that can give you more privacy and security.
Note: When looking for Firefox add-ons, be sure to consider the content that is relevant to the preferences you modified above. Depending on your Firefox preferences and other add-ons you are using, some add-ons will be redundant and not required.
Combined with the above preferences changes, my three recommendations for privacy add-ons are:
- uBlock Origin
- HTTPS is everywhere
All three add-ons meet the preferences listed above, are easy to use, and may not disrupt the websites you visit.
Another great addition is Cookie AutoDelete. However, if you have modified the cookie preferences in about:config, as described above, this add-on is not required.
uBlock Origin is an efficient, lightweight interceptor that filters ads and tracks. As a powerful alternative to Adblock Plus, it has become increasingly popular, allowing many users to disdain “acceptable advertising.” Another benefit of uBlock Origin is that it can significantly improve performance and page load speed.
Another important feature of uBlock Origin is the ability to whitelist certain websites. Since many websites block access when they detect an ad blocker, the whitelisting feature will come in handy. uBlock Origin is free.
HTTPS is everywhere
HTTPS Everywhere is a good Firefox add-on that basically forces an HTTPS connection to the website you visit – provided that the website can use HTTPS. This gives you more security and privacy thanks to encryption.
Fortunately, more and more websites are implementing HTTPS, so this problem is getting less and less. Still, HTTPS Everywhere is still a good add-on for working with Firefox.
You can get more information about HTTPS from the Electronic Frontier Foundation, which is behind the creation of this add-on.
Decentraleyes is an interesting Firefox add-on that protects you from content tracking networks operated by third parties. While CDNs do help improve website load time and performance, they are usually provided free of charge by third parties who use CDN to track your browsing. These third parties include Google, Microsoft, Facebook, Cloudflare, Yandex, Baidu, MaxCDN and more.
Decentraleyes solves this problem by hosting CDN resources locally. As described in their own hosted GitLab repository, Decentraleyes “blocks traffic, finds supported resources locally, and injects it into the environment”, preventing CDNs from tracking users.
If you make the above changes to your preferences, you may not need to use this browser add-on, which will automatically clear the cookies that are no longer needed by the website you are viewing.
However, if you prefer to use add-ons instead of using the following: config changes, then Cookie AutoDelete is your choice. It protects you from tracking by deleting cookies that are no longer needed.
Privacy Badger is another add-on to the Electronic Frontier Foundation that blocks spy ads and trackers. One disadvantage of the Privacy Badger is that it only blocks third-party websites. Since it will consider the Google Analytics first-party website, it will not be blocked. Another disadvantage is that it does not actually use a filter list. Instead, it is basically learned when you use it.
On the positive side, privacy is very easy to use and gives you more privacy through general browsing. It can be used in conjunction with uBlock Origin, but there will be some overlap in functionality.
uMatrix is an advanced add-on that lets you control the possibility of tracking your requests on the websites you visit. It was made by the same person behind uBlock Origin. One advantage of uMatrix is that it can be very customizable.
One disadvantage of uMatrix is that configuring it for regular daily browsing can be difficult and time consuming. However, if you want a very powerful interceptor and you don’t mind modifying the plugin, give uMatrix a chance.
NoScript is a script blocking program that allows you to determine the exact script to run on a particular website. Although it does give you control, properly configuring NoScript can be very painful. It breaks many websites, which requires you to tweak and configure options. If you are already using uBlock Origin or uMatrix, you may not need to use NoScript.
For casual users or those who don’t have the patience to spend some time configuring it, this is definitely not an add-on.
Here are some additional resources for configuring Firefox to provide more privacy and security:
- User.js Firefox enhancements – as explained on their GitHub page, this is a ” configuration file that can control hundreds of Firefox settings.” ” . For more technical breakdown and description, you can read more on an overview of wiki pages. ” They wiki page is full of a lot of information.
- Privacy Settings – This is a Firefox add-on that allows you to easily access and control the built-in privacy settings in your browser.
- Firefox Profilemaker – FFprofile helps you create your own Firefox profile with the default privacy and security settings to suit your needs.
Firefox privacy conclusion
Firefox is still the best all-round, mainstream privacy browser on the market.
While many of the configurations and add-ons we discuss in this article will give you more privacy, there is still a problem: hiding your IP address and location. To do this, you must have a good VPN. The Tor network also achieves this goal, but it has the disadvantage of slow speed and other risks (see the Tor guide for details).
Also note that a secure, privacy-focused browser is just one of many tools to keep you safe online. Check out the Privacy Tools page for additional tips and advice on restoring privacy.