Firefox Configuration
Configuring Firefox for privacy and performance
[ Updated 08-24-24 | Created 08-24-24 ]
Installation
macOS: brew install --cask firefox
Arch/Artix: yay -S firefox
Settings
General
Language and Appearance
- Check spelling as you type –> Disabled
Browsing
- Recommend extensions as you browse –> Disabled
- Recommend features as you browse –> Disabled
Home
- Homepage and new windows –> Blank Page
- New tabs –> Blank Page
- Uncheck all Firefox Home Content
Search
- Default Search Engine –> DuckDuckGo
- Search Suggestions –> Disabled
- Address Bar –> Uncheck all
Privacy & Security
Browser Privacy
- Tracking Prtection –> Strict
- “Tell webiste not to sell or share my data” –> Always
- “Do Not Track” –> Always
Cookies and Site Data
- Delete cookies and site data when Firefox is closed –> Enabled
Passwords
- Ask to save logins and passwords for websites –> Disabled
- Show alerts about passwords for breached websites –> Disabled
Forms and Autofill
- Autofill addresses –> Disabled
- Autofill credit cards –> Disabled
History
- Use custom settings for history
- Always use private browsing mode –> Enabled
Permissions
- Location/Camera/Microphone/Notifiactions/Virtual Reality –> “Block new requests”
Firefox Data Collection and Use
- Uncheck all
Security
- Deceptive Content and Dangerous Software Protection –> Uncheck all
- HTTPS-Only Mode –> Enable in all windows
Advanced configuration
about:config
Telemetry
browser.newtabpage.activity-stream.feeds.telementry
–> falsebrowser.tabs.crashReporting.sendReport
–> falsetoolkit.telemetry.enabled
–> falsetoolikt.telemetry.server
–> blanktoolkit.telemetry.unified
–> false
browser.newtabpage.activity-stream.feeds.discoverystreamfeed
–> falsebrowser.newtabpage.activity-stream.feeds.discoverystream.sendToPocket.enabled
–> falsebrowser.newtabpage.activity-stream.feeds.section.topstories
–> falsebrowser.newtabpage.activity-stream.section.highlights.includePocket
–> falsebrowser.newtabpage.activity-stream.showSponsored
–> falsebrowser.newtabpage.activity-stream.showSponsoredTopSites
–> falsebrowser.newtabpage.activity-stream.system.showSponsored
–> falseservices.sync.prefs.sync.browser.newtabpage.activity-stream.showSponsored
–> falseservices.sync.prefs.sync.browser.newtabpage.activity-stream.showSponsoredTopSites
–> falseextensions.pocket.enabled
–> false
Prefetching
network.dns.disablePrefetch
–> truenetwork.dns.disablePrefetchFromHTTPS
–> truenetwork.prefetch-next
–> false
SSL
security.ssl3.rsa_des_ede3_sha
–> falsesecurity.ssl.require_safe_negotiation
–> true
Account
identity.fxaccounts.enabled
–> false
Geolocation
geo.enabled
–> false
WebRTC
media.peerconnection.enabled
–> falsemedia.navigator.enabled
–> false
WebGL
webgl.disabled
–> true- (2024 note: I probably recommend leaving this enabled)
Fingerprinting
privacy.resistFingerprinting
–> true
Referrer headers
network.http.sendRefererHeader
–> 0
Cookies
privacy.firstparty.isolate
–> true
Extensions
- Bitwarden - password manager
- ClearURLs - cleans long “tracking” URLs
- Decentraleyes - local CDN
- DF YouTube - blocks YouTube dark patterns and garbage front page
- dotepub - epub conversion
- EpubPress - epub conversion
- SingleFile - HTML generator
- uBlock Origin - content blocker
Tagged: Configuration Privacy Security