If you are an advanced PC user and have been using Firefox browser for a long time, you might already be aware of about:config Settings. For those who don’t know, Firefox gives you a lot of customization by visiting about:config section.
When you first visit it, you will be prompted by a warning screen saying “Changing advanced configuration preferences may affect Firefox performance or security.” as shown below.
Don’t hesitate with the caveat, just accept the risk and click the Continue button to browse the main page of the customization, as shown below.
For the first time, it will not show you any preference settings unless you have previously modified them with any option. To list all the preferences for the new user, just click on the “Show modified preferences” checkbox, as shown below.
This section gives you so much power to customize your Firefox privacy and security to the next level. However, you might end up in trouble for making mistakes. For that reason, pay close attention. In the end, it will be worth your time.
The method of changing the value of preference depends upon the preference type. If the preference is of the “boolean” type, then double-clicking will change the value to true or false. If the preference is an “integer” or “string” type, double-clicking will open a box to change the value. Check out the below image.
- When you double click, it will toggle the value of preference from true to false and vice-versa.
- When you click the button, it will ask you for an integer value.
Besides both of these buttons, we have reset and delete buttons. Reset will change the value of the preference to its default value, while delete will remove the entry for that preference.
Today, we will provide you with recommended modifications you may want to make to have the best Firefox security settings:
Table of Contents
browser.privatebrowsing.autostart = true
This customization will always open your Firefox browser in incognito mode, which can be very helpful in hiding your browser data from another person operating the same system.
It will also prevent storing history, cookies, and site data in your browser, making it harder for websites and third-party apps to track you. Even though, your ISP can still take a look at the sites you were visiting.
media.peerconnection.enabled = false
WebRTC, aka Web Real-Time Communication, allows sharing of voice, video chat, and P2P sharing of files through your browser. It might be useful in some cases, but enabling it might bypass your encrypted tunnel created by a VPN, exposing your IP address.
Disabling this feature will prevent or cause a problem while accessing web applications that depend upon this technology, such as Google Meet, Discord, Snapchat, etc.
privacy.resistFingerprinting = true
Enabling this feature will make Firefox more resistant to browser fingerprinting. However, there are multiple metrics while fingerprinting. Enabling this feature will not guarantee your complete anonymity.
Even Firefox users criticized this feature in forums when it was first introduced.
privacy.trackingprotection.fingerprinting.enabled = true
Fingerprinting scripts collect information about your browser and device configuration, such as your operating system, screen resolution, and other settings.
By compiling these pieces of data, fingerprinters create a unique profile of you that can be used to track you around the Web.
privacy.trackingprotection.cryptomining.enabled = true
It will prevent websites from running crypto mining scripts that use your computer’s central processing unit (CPU) to invisibly mine cryptocurrency.
Enabling only prevents sites from doing crypto mining in your system. However, installing malicious software can make your system vulnerable to crypto mining. Always check the source when you download an application from the internet.
privacy.firstparty.isolate = true
The feature restricts cookies, cache, and other data access to the domain level so that only the domain that dropped the cookie or file on the user system can access it, which prevents tracking across multiple domains.
In case, if you set the Enhanced Tracking Protection to the Strict option, you do not have to change anything.
privacy.trackingprotection.enabled = true
Tracking Protection is a new platform-level technology that blocks HTTP loads at the network level. It is based on the Safe Browsing technology that powers our phishing and malware protection.
This feature was part of the Polaris initiative.
geo.enabled = false
By default, this setting is set to false to prevent websites from tracking your precise location. However, there is a separate mechanism that many sites use that is about as accurate for desktop or laptop computers, and that is location lookup by IP address.
You can not prevent it unless you were using a secure VPN on your system, but still disabling this takes you one step further in your privacy.
This preference will set the value in the integer as shown below.
- 0 = Accept all cookies by default
- 1 = Only accept cookies from the originating site (block third-party cookies)
- 2 = Block all cookies by default
- 3 = Lock cookies from unvisited sites
- 4 = New Cookie Jar policy (prevents storage access to trackers)
The range from 1 to 3 will improve your security. I suggest setting 2 or 3. However, the new Cookie Jar Policy (option 4) will provide you with more protection but might break some websites.
network.cookie.lifetimePolicy = 2
This is another integer type preference that you should set to a value of 2. It will tell Firefox to automatically delete all the cookies at the end of the session. You can even switch to another option as per your needs from the below list:
- 0 = Accept cookies normally
- 1 = Prompt for each cookie
- 2 = Accept for the current session only
- 3 = Accept for N days
network.dns.disablePrefetch = true
However, enabling this preference comes with some risks that have been described in this paper.
network.prefetch-next = false
This setting helps to prefetch pages that are likely to be visited, so the browser downloads them immediately and they can be displayed when the user requests them.
Setting this preference to false will prevent pages from being prefetched by Firefox. Which lets all pages load only when they are visited by the user.
webgl.disabled = true
WebGL can fingerprint your device, so disabling this feature will be a good choice. However, I’ve found many websites do not work when the setting is set to disable. If that happens, switch back to default and test if it works.
dom.event.clipboardevents.enabled = false
It will prevent websites from getting notifications if you copy, paste, or cut something from the page. However, to work on Google Docs using the keyboard (Ctrl+C, Ctrl+X, Ctrl+V), it needs
dom.event.clipboardevents.enabled to be enabled.
media.eme.enabled = false
This disables the playback of DRM-controlled HTML5 content. See details here.
However, these changes to the mentioned settings will improve your security and will even do the jobs of some extensions. but might break some web pages. In such cases, switch to default values.
If you want any help or suggestions, comment below.
Innovative tech mind with 12 years of experience working as a computer programmer, web developer, and security researcher. Capable of working with a variety of technology and software solutions, and managing databases.