If, like me, you are a user of Firefox and in these days of mounting cyber-threats and government intrusion are concerned about your browser security; here is some help.
Install Essential Privacy Add-ons
These extensions help block tracking, ads, and fingerprinting:
- uBlock Origin: Blocks ads, trackers, and malware.
- Privacy Badger: Stops invisible trackers.
- LocalCDN: Replaces external libraries with local versions.
- CanvasBlocker: Prevents fingerprinting via canvas API.
- Cookie AutoDelete: Clears cookies when closing a tab.
- Decentraleyes: Blocks content delivery network (CDN) tracking.
Change Critical about:config Settings
Open about:config (Enter in the URL bar): Accept the warning.
Privacy & Anti-Tracking
| Setting | Value | Purpose |
|---|---|---|
privacy.resistFingerprinting |
true |
Blocks browser fingerprinting |
privacy.trackingprotection.enabled |
true |
Enables built-in tracker blocking |
privacy.trackingprotection.fingerprinting.enabled |
true |
Blocks fingerprinting attempts |
privacy.trackingprotection.cryptomining.enabled |
true |
Blocks cryptominers |
network.cookie.cookieBehavior |
1 or 4 |
Block third-party cookies (1) or all cross-site (4) |
network.dns.disablePrefetch |
true |
Prevents DNS prefetching (reduces tracking) |
network.prefetch-next |
false |
Stops automatic loading of pages |
dom.battery.enabled |
false |
Prevents battery status tracking |
geo.enabled |
false |
Blocks location access |
media.peerconnection.enabled |
false |
Disables WebRTC (prevents IP leaks) |
Security Enhancements
| Setting | Value | Purpose |
|---|---|---|
security.tls.version.min |
3 |
Forces TLS 1.2+ for secure browsing |
network.http.referer.XOriginPolicy |
2 |
Blocks cross-site referrer leakage |
network.http.referer.XOriginTrimmingPolicy |
2 |
Trims referrer info to prevent leaks |
browser.cache.offline.enable |
false |
Prevents sites from storing offline data |
Disable Telemetry & Data Collection
| Setting | Value | Purpose |
|---|---|---|
toolkit.telemetry.enabled |
false |
Stops Firefox from sending telemetry |
toolkit.telemetry.unified |
false |
Disables unified telemetry |
datareporting.healthreport.uploadEnabled |
false |
Disables health report uploads |
browser.safebrowsing.malware.enabled |
false |
Disables Google’s safe browsing (optional) |
browser.safebrowsing.phishing.enabled |
false |
Disables phishing protection (optional) |
Enable DNS over HTTPS (DoH)
Go to Settings: Network Settings: Enable DNS over HTTPS
- Set to Cloudflare (1.1.1.1) or Quad9 (9.9.9.9) for privacy.
Configure Secure Cookie & Site Isolation
- Settings: Privacy & Security: Delete cookies when Firefox is closed
- Enable Total Cookie Protection (
privacy.partition.network_state = true)
Disable JavaScript for Untrusted Sites
- Install NoScript: Blocks JavaScript by default on unknown sites.
Remove Pocket & Other Built-in Trackers
- Set
extensions.pocket.enabled:false(removes Pocket) - Set
browser.newtabpage.activity-stream.feeds.topsites:false
Install Hardened User.js (Optional)
For extreme security, use arkenfox/user.js, which preconfigures Firefox for privacy.
- Install it with:
curl -sL https://raw.githubusercontent.com/arkenfox/user.js/master/user.js -o ~/.mozilla/firefox/*.default/user.js
Extra: Run Firefox in Firejail (Sandboxing)
If you want extra isolation, install Firejail:
sudo pacman -S firejail
Run Firefox with:
firejail firefox
This prevents privilege escalation in case of a Firefox exploit.
Final Notes
This setup removes telemetry, blocks trackers, and improves security while keeping Firefox usable.
This content is free to use, adapt, and share.
Knowledge should be open—spread it far and wide.
Remember, like with all of my work, I am able to provide the following assurance(s):
- It is almost certainly going to work until it breaks; although I have to admit it may never work and that would be sad.
- When/if it does break, you may keep all of the pieces.
- If you find my materials helpful, both you & I will be happy, at least for a little while.
- My advice is worth every penny you paid for it!
Discover more from eirenicon llc
Subscribe to get the latest posts sent to your email.
