stats.paypal.com cookie - How to block?

Status
Not open for further replies.

ng4ever

Level 16
Thread author
Verified
Feb 11, 2016
789
I am trying to block this cookie but no matter what I do it seems impossible :(

Anyway to block it for good ?

Hitman Pro says it is a tracking cookie.

I am on Firefox 46.01
 

Captain Awesome

Level 23
Verified
Top Poster
Well-known
May 7, 2016
1,285
To check or change your settings:
Firefox Support said:
  1. Click the menu button
    2014-01-10-13-08-08-f52b8c.png
    and choose Options.

  2. Select the Privacy panel.

  3. Set Firefox will: to Use custom settings for history.
    2015-05-09-05-27-21-fb1f0d.png
  4. Check mark Accept cookies from sites to enable cookies, and uncheck it to disable them.
    2015-01-28-14-49-18-156714.png
  5. Choose how long cookies are allowed to be stored:
    • Keep until:
      they expire: Each cookie will be removed when it reaches its expiration date, which is set by the site that sent the cookie.
      I close Firefox: The cookies that are stored on your computer will be removed when Firefox is closed.
  6. Close the about:references page. Any changes you've made will automatically be saved.
Source; Disable third-party cookies in Firefox to stop some types of tracking by advertisers | Firefox Help
 
Last edited by a moderator:
  • Like
Reactions: marzametal

marzametal

Level 7
Verified
Jun 10, 2014
316
The tracker in question will still show up in the inbound/outbound process, even if you run with the above settings. This can be seen if you add Request Policy Continued addon to FF, and access the PayPal website. The RPC addon will block it because there is no rule for it (it will show up as red with a ? next do it if you set RPC up as default-deny/whitelist to bypass).

These are the PayPal entries I have in RPC; other PayPal entries are not accepted as per my setup of RPC...
Code:
FROM            TO
paypal.com    www.paypalobjects.com
paypal.com    t.paypal.com  
paypal.com    c.paypal.com
paypal.com    pics.paypal.com
You could go one step further if you make use of a 3rd party DNS Proxy by matching RPC entries with HOSTS file entries...
Code:
# When using PayPal
127.0.0.1 *paypal* -www.paypal.com -www.paypalobjects.com -t.paypal.com -c.paypal.com -pics.paypal.com
 
  • Like
Reactions: Ink

ng4ever

Level 16
Thread author
Verified
Feb 11, 2016
789
The tracker in question will still show up in the inbound/outbound process, even if you run with the above settings. This can be seen if you add Request Policy Continued addon to FF, and access the PayPal website. The RPC addon will block it because there is no rule for it (it will show up as red with a ? next do it if you set RPC up as default-deny/whitelist to bypass).

These are the PayPal entries I have in RPC; other PayPal entries are not accepted as per my setup of RPC...
Code:
FROM            TO
paypal.com    www.paypalobjects.com
paypal.com    t.paypal.com 
paypal.com    c.paypal.com
paypal.com    pics.paypal.com
You could go one step further if you make use of a 3rd party DNS Proxy by matching RPC entries with HOSTS file entries...
Code:
# When using PayPal
127.0.0.1 *paypal* -www.paypal.com -www.paypalobjects.com -t.paypal.com -c.paypal.com -pics.paypal.com

Thanks but sorry I don't understand how to add this to Request Policy Continued addon ? Please help. Thanks. What settings and how do I add this please ?
 

marzametal

Level 7
Verified
Jun 10, 2014
316
Thanks but sorry I don't understand how to add this to Request Policy Continued addon ? Please help. Thanks. What settings and how do I add this please ?
The addon can be downloaded from here. I cannot remember if a restart of the browser was required; if it was, just go with it.

There are a couple of ways to set up RPC. When it is installed, go to Tools - Addons, find RPC and click on its corresponding Options button. It will load up a new tab just for RPC. I will introduce you to my RPC settings, and we will take it from there.

My RPC setup is default-deny (block all requests by default if no allow or block rules are present). I don't even allow requests to the same domain, which can be seen in the 5th spoiler. This breaks websites, but once you add rules, you don't need to revisit them when navigating to the websites at a later date, which is awesome.

Preferences - Basic
prefbasic.jpg

Preferences - Advanced
prefadv.jpg

Manage Policy - Your Policy
manageyour1.jpg
manageyour2.jpg

Manage Policy - Default Policy
managedef.jpg

Manage Policy - Subscriptions
managesub.jpg


See how you go about wrapping your head around that. I will wait patiently for any questions. Good luck dude.
 
Last edited:
  • Like
Reactions: Jack

Captain Awesome

Level 23
Verified
Top Poster
Well-known
May 7, 2016
1,285
By far easiest way is=Adguard.Just give it a go @ng4ever.I am right now testing it and result is great.It is free for 14 days.
 

marzametal

Level 7
Verified
Jun 10, 2014
316
By far easiest way is=Adguard.Just give it a go @ng4ever.I am right now testing it and result is great.It is free for 14 days.
Ummm, why would you allow a 3rd party app to inject itself into a website that has your bank details? Also, if you add paypal.com to HTTPS Exclusions list, then it filters absolutely nothing.
 
  • Like
Reactions: frogboy
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top