If, like me, you are a user of Firefox and in these days of mounting cyber-threats and government intrusion are concerned about your browser security; here is some help.
Install Essential Privacy Add-ons
These extensions help block tracking, ads, and fingerprinting:
- uBlock Origin: Blocks ads, trackers, and malware.
- Privacy Badger: Stops invisible trackers.
- LocalCDN: Replaces external libraries with local versions.
- CanvasBlocker: Prevents fingerprinting via canvas API.
- Cookie AutoDelete: Clears cookies when closing a tab.
- Decentraleyes: Blocks content delivery network (CDN) tracking.
Change Critical about:config Settings
Open about:config (Enter in the URL bar): Accept the warning.
Privacy & Anti-Tracking
| Setting | Value | Purpose |
|---|---|---|
privacy.resistFingerprinting |
true |
Blocks browser fingerprinting |
privacy.trackingprotection.enabled |
true |
Enables built-in tracker blocking |
privacy.trackingprotection.fingerprinting.enabled |
true |
Blocks fingerprinting attempts |
privacy.trackingprotection.cryptomining.enabled |
true |
Blocks cryptominers |
network.cookie.cookieBehavior |
1 or 4 |
Block third-party cookies (1) or all cross-site (4) |
network.dns.disablePrefetch |
true |
Prevents DNS prefetching (reduces tracking) |
network.prefetch-next |
false |
Stops automatic loading of pages |
dom.battery.enabled |
false |
Prevents battery status tracking |
geo.enabled |
false |
Blocks location access |
media.peerconnection.enabled |
false |
Disables WebRTC (prevents IP leaks) |
Security Enhancements
| Setting | Value | Purpose |
|---|---|---|
security.tls.version.min |
3 |
Forces TLS 1.2+ for secure browsing |
network.http.referer.XOriginPolicy |
2 |
Blocks cross-site referrer leakage |
network.http.referer.XOriginTrimmingPolicy |
2 |
Trims referrer info to prevent leaks |
browser.cache.offline.enable |
false |
Prevents sites from storing offline data |
Disable Telemetry & Data Collection
| Setting | Value | Purpose |
|---|---|---|
toolkit.telemetry.enabled |
false |
Stops Firefox from sending telemetry |
toolkit.telemetry.unified |
false |
Disables unified telemetry |
datareporting.healthreport.uploadEnabled |
false |
Disables health report uploads |
browser.safebrowsing.malware.enabled |
false |
Disables Google’s safe browsing (optional) |
browser.safebrowsing.phishing.enabled |
false |
Disables phishing protection (optional) |
Enable DNS over HTTPS (DoH)
Go to Settings: Network Settings: Enable DNS over HTTPS
- Set to Cloudflare (1.1.1.1) or Quad9 (9.9.9.9) for privacy.
Configure Secure Cookie & Site Isolation
- Settings: Privacy & Security: Delete cookies when Firefox is closed
- Enable Total Cookie Protection (
privacy.partition.network_state = true)
Disable JavaScript for Untrusted Sites
- Install NoScript: Blocks JavaScript by default on unknown sites.
Remove Pocket & Other Built-in Trackers
- Set
extensions.pocket.enabled:false(removes Pocket) - Set
browser.newtabpage.activity-stream.feeds.topsites:false
Install Hardened User.js (Optional)
For extreme security, use arkenfox/user.js, which preconfigures Firefox for privacy.
- Install it with:
curl -sL https://raw.githubusercontent.com/arkenfox/user.js/master/user.js -o ~/.mozilla/firefox/*.default/user.js
Extra: Run Firefox in Firejail (Sandboxing)
If you want extra isolation, install Firejail:
sudo pacman -S firejail
Run Firefox with:
firejail firefox
This prevents privilege escalation in case of a Firefox exploit.
Final Notes
This setup removes telemetry, blocks trackers, and improves security while keeping Firefox usable.
This content is free to use, adapt, and share.
Knowledge and information should be open—please spread them far and wide.A few things to keep in mind:
- All of my work comes with absolutely no warranty, expressed or implied. However…
- It will almost certainly work until it breaks,
though I must admit it may never work or be useful—and that would be sad.- If/when it breaks, you can keep all the pieces.
- As for what you don’t like, it’s yours to do with as you will.
- If you find my materials helpful, both you and I will be happy (at least for a while).
- My advice is worth every penny you paid for it!
Full disclosure:
I use various AI systems to assist in developing my content.
If you’re curious about how I use them, feel free to check out:
The Revolutionary Impact of AI on Genealogy and Historical Research.
