Advice Request Hardening Firefox

Please provide comments and solutions that are helpful to the author of this topic.

F

ForgottenSeer 823865

Hi
I have a request to you guys, how can i setup firefox to increase security?
This is called Google Chrome :ROFLMAO::ROFLMAO::ROFLMAO:

about privacy, using those flags:

datareporting.healthreport.uploadEnabled = False
network.http.sendRefererHeader = 0 (This one will break some sites log-in , like Pinterest, etc...)
network.http.sendSecureXSiteReferrer = False
privacy.trackingprotection.enabled = True
beacon.enabled = False
privacy.firstparty.isolate = True
privacy.resistFingerprinting = True
privacy.trackingprotection.fingerprinting.enabled = True
privacy.trackingprotection.enabled = True
browser.send_pings = False
dom.event.clipboardevents.enabled = False
media.eme.enabled =False
media.gmp-widevinecdm.enabled = False
media.navigator.enabled = False
webgl.disabled = True
network.IDN_show_punycode = True
network.http.referer.XOriginPolicy = 2
network.http.referer.XOriginTrimmingPolicy = 2
 

Zorro

Level 9
Verified
Well-known
Jun 11, 2019
404
Hi
I have a request to you guys, how can i setup firefox to increase security?
My IS is Norton 360, I disabled powershell 2.0 internet explorer and SMB.
1) privacy.firstparty.isolate = true
The result of the Tor Uplift project. The included setting isolates browser identifiers (for example, cookies) in the current domain, preventing tracking on other domains. Do not use AutoDelete at the same time with the Cookie extension!
2) privacy.resistFingerprinting = true
The result of the Tor Uplift project. The included setting complicates your identification by browser fingerprint.
3) privacy.trackingprotection.enabled = true
Built-in tracking protection. Uses Disconnect.me filters, therefore it is useless when used simultaneously with uBlock Origin.
4) browser.cache.offline.enable = false
Disabling the local cache.
5) browser.safebrowsing.malware.enabled = false
Disabling the Google Safe Browsing malware scan engine. Reduces security, but increases privacy.
6) browser.safebrowsing.phishing.enabled = false
Disabling the Google Safe Browsing phishing check engine. Reduces security, but increases privacy.
7) browser.send_pings = false
The ban on tracking user clicks.
8) browser.sessionstore.max_tabs_undo = 0
Preventing temporary storage of recently closed tabs available in the "Log -> Recently Closed Tabs" menu.
8) browser.urlbar.speculativeConnect.enabled = false
Disabling URL autocomplete preload. Avoids leakage through third-party services when typing in the address bar
10) dom.battery.enabled = false
Disabling the ability to receive battery data on the device
11) dom.event.clipboardevents.enabled = false
Disabling page notifications about user actions (copy, cut and paste), as well as selected elements.
12) geo.enabled = false
Disabling location services.
13) media.navigator.enabled = false
Prohibition of tracking the status of the microphone / camera on the device.
14) network.cookie.cookieBehavior = 1
Cookie management
0 = By default, save all cookies
1 = Save cookies only from the current site (block cookies from third-party sites)
2 = By default, block all cookies
15) network.cookie.lifetimePolicy = 2
Cook Shelf Life
0 = Retention period set by server
1 = User manually sets retention period
2 = The storage period is limited by the session (until the browser closes)
3 = Shelf life is limited by the days from the setting
16) network.cookie.lifetime.days
network.http.referer.trimmingPolicy = 2

Configuring the sent data in the Referer header
0 = full URL
1 = URL without parameters
2 = Only protocol, host and port
17) network.http.referer.XOriginPolicy = 2
A setting to determine the conditions under which the Referer header will be sent to other domains. In case of problems with this setting, you can select a less stringent value of 1 along with the XOriginTrimmingPolicy setting specified below
0 = Always send
1 = Send to the same eTLD domains
2 = Only send when domains match completely
18) network.http.referer.XOriginTrimmingPolicy = 2
Configure sending data to other domains in the Referer header
0 = full URL
1 = URL without parameters
2 = Only protocol, host and port
19) webgl.disabled = true
Disabling WebGL as a potential security risk.

Next, set the value to false in all of these parameters:
browser.newtabpage.activity-stream.feeds.telemetry
browser.newtabpage.activity-stream.telemetry
browser.ping-center.telemetry
toolkit.telemetry.archive.enabled
toolkit.telemetry.bhrPing.enabled
toolkit.telemetry.enabled
toolkit.telemetry.firstShutdownPing.enabled
toolkit.telemetry.newProfilePing.enabled
toolkit.telemetry.reportingpolicy.firstRun
toolkit.telemetry.server
toolkit.telemetry.shutdownPingSender.enabled
toolkit.telemetry.unified
toolkit.telemetry.updatePing.enabled
Here you write “toolkit.telemetry.server” false manually.


Change the number of content processes
Do you prefer to work with a large number of tabs at the same time or keep no more than five tabs open? The more content processes in the browser, the more resources are allocated for each tab (RAM consumption will also increase).
If you own a powerful computer, you can set a fairly high value - the stability and performance of each open tab should improve. On the about: config page, the number of content processes is controlled by the dom.ipc.processCount parameter.
Default value: 8
Set value: 7-12 (depends on the number of open tabs)

Disabling unnecessary animations
Animations in Firefox Browser look beautiful, but for older computers, every megabyte of memory counts. To turn off unnecessary animations, set the toolkit.cosmeticAnimations.enabled parameter to false.
Default value: true
Set value: false

Minimum tab width
Changing this setting will be noticed only by an attentive Firefox user. By default, tabs in Firefox are 76 pixels wide, although previously there were 100 pixels. To change this value, use the browser.tabs.tabMinWidth parameter.
Default value: 76. Set the value: 100 if you want to restore the width of the tabs, as in older versions of Firefox. You can set any other value that you like.

Reducing Session History Cache to Save Memory
If you are using an old computer, some of the standard Firefox settings may not be optimal. This applies to saving web pages in short-term memory (RAM), which you can access using the Back and Forward buttons. The browser.sessionhistory.max_total_viewers parameter allows you to change the number of pages that are saved for fast loading.
Default value: -1 (adaptable)
Set the value: any number, it will correspond to the number of pages that will be saved (recommended less than 4, if the PC has modest characteristics, if there is more than 4 GB of RAM, you can install 8 or higher).

The browser.sessionhistory.max_entries parameter allows you to change the number of pages that are saved in the session cache and are accessible by clicking the Back and Forward buttons.
Default value: 50
Set the value: on weak PCs, lower the value to 25. Check the operation and edit the value if necessary.

Disabling Extension Compatibility Checks
Compatibility checks help you determine which extensions work with your version of Firefox and which don’t. However, the results of Firefox are not always correct. If you want to make sure yourself that the extension that Firefox has declared incompatible does not start in your version, follow these steps:

Right-click on the about: config page and select New> Logical.
Enter the name extensions.checkCompatibility and click OK. Then set the value to false and click OK again.
A new parameter will be created and appear in the list. You can disable it at any time by right-clicking and selecting Reset.

Minimize memory usage when minimizing
This option is intended for Windows users. When you minimize Firefox, session data will be stored in virtual memory, freeing up physical memory for other programs. Firefox will reduce the consumption of physical memory to only about 10 megabytes, and when you open the window, it will again reserve the necessary amount of RAM.
By default, the parameter is not presented in the list; it must be created. Right-click and select New> Logical.
Type config.trim_on_minimize and set it to true.

Select all text when clicked in the address bar
On Windows and Mac, Firefox selects all text by clicking on the address bar. On Linux, all text is not highlighted - the cursor is placed at the selected position. This behavior on any platform can be changed using the browser.urlbar.clickSelectsAll parameter.
Set value:
false - the cursor is placed in the selected position.
true - select all text by click.
One scale for all sites
Firefox remembers the zoom for each site and the next time you open the site it uses the appropriate zoom level. If you want to use the same scale for all sites, you can achieve this using the browser.zoom.siteSpecific parameter.
Default value: true
Set the value: false (the same scale will be used for all sites)

Scale limitation
If the maximum and minimum zoom level does not suit you, you can change the limit values if necessary.
Parameter Name: zoom.maxPercent
Default value: 300 (percent)
Set value: any value above 300

Parameter Name: zoom.minPercent
Default value: 30 (percent)
Set value: any value

Backspace action
In Firefox, you can customize the behavior when you press the Backspace key, in particular, specify the transition to the previous page or scroll to the top of the page. When you press Shift + Backspace, Firefox will go to the next page (if set to 0) or scroll down the page (if set to 1)
Parameter Name: browser.backspace_action
Default value: 0 - go to the previous page
Set the value: 1 - scroll to the top of the page

In full screen mode, the toolbar is hidden and appears only when you hover over it. You can make it always visible by setting false for the browser.fullscreen.autohide parameter.
Default value: true (always hide)
Set value: false (the panel is always shown).

To configure DNS over HTTPS, you need to change three parameters of the new TRR (Trusted Recursive Resolver) resolver in the browser:

Type about: config in the address bar of Firefox.
Confirm that you accept all risk if a warning page opens.
Using the search bar, find the network.trr.mode parameter and double-click on it.
Set the value to 2 so that DNS over HTTPS is selected by default and your standard DNS server is used as the backup. This is the best option in terms of compatibility.
You can set the value to 1 so Firefox chooses the fastest option; 3 - to use only TRR; 4 - shadow mode: runs TRR in parallel with the standard DNS for synchronization and measurements, but uses only the results of a standard resolver; 0 - to disable TRR by default, 5 - to disable TRR by choice.
Use the search bar to find the network.trr.uri parameter. In Firefox, you will need to enter the DNS server address over HTTPS. Double click on the parameter name. At the moment, several public servers are available, among which two main ones can be distinguished:
https://mozilla.cloudflare-dns.com/dns-query
Find the network.trr.bootstrapAddress parameter and double-click on it
Set to 1.1.1.1 if you selected Cloudflare
Set to 8.8.8.8 if you selected Google DNS
Restart the Firefox browser.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top