Web Browser Settings
The security and privacy settings of the Web Browser you use can usually be tightened to improve the protection of your Personal Data, your Hosting Account and your Website.
There are many different Web Browser applications available for you to use.
We like Firefox.
If you use Firefox and want to review how you can tighten its privacy and security settings then you may find the next section useful.
The settings described in this article should also provide some pointers for tightening the settings in all Web Browsers.
Whichever Web Browser application you use, we recommend that you:
- frequently check it is the latest available version and release;
- enable Browser Security Features;
- adjust settings to protect your privacy, for example, block third party cookies;
- ensure cookies and browser cache is automatically deleted when you close your browser;
- frequently close and re-open your browser to clear cookies and cache;
- disable the storing of usernames and passwords;
- ignore website pop-ups which tell you to download a browser update, and
- use the DuckDuckGo search engine to protect your privacy when searching the web.
There are some Web Browser settings which you not want to tighten.
These might include:
- image display and
- use of Javascript.
Blocking the display of images may spoil your enjoyment when visiting a website.
Blocking the use of Javascript may prevent dropdown menu and accordion elements from working.
Enhanced Tracking Protection = Strict will prevent websites from displaying external Twitter (X) Feeds.
Read more: How to respond when Dropdown Menus do not work in Chrome.
Firefox
The settings illustrated here will enhance privacy and security when using the Firefox Web Browser.
Periodically review your browser's privacy and security settings to check your preferred settings have not changed.
Firefox Search Settings
Default Search Engine
We recommend DuckDuckGo because it offers the highest level of protection of your privacy when using the internet.
Firefox Privacy and Security Settings
Enhanced Tracking Protection
We recommend changing the default Standard level of Tracking Protection.
Strict Tracking Protection includes the blocking of nefarious 3rd party tracking cookies, including cross-site cookies.
Read more: Mozilla Support - Third-party Trackers
Read more: Enhanced Tracking Protection in Firefox for Desktop
More useful links
Trackers and scripts blocked by Firefox when Enhanced Tracking Protection is enabled.
Read more: Trackers and scripts blocked by Firefox
Check out Smart Block for enhanced tracking protection.
We recommend changing the default setting to Delete cookies and site data when Firefox is closed.
Thereafter, frequent closure of your Web Browser will clear cookies and the commensurate surveillance of your activity online.
Passwords and Autofill
It is a no-brainer to not let your Web Browser store login details in its cache!
History
History of your search activity will only be hidden from other users of your device.
Permissions
Disable all the Permissions listed below if you are concerned about protecting your Privacy.
Also tape over the webcam in your device, both of them if using a smartphone or tablet.
And hold private conversations out of earshot of your device's microphone, even when you have disabled it!
It could after all be remotely re-enabled if your device is compromised.
Location
Camera
Microphone
Speaker Selection
Notifications
Autoplay
Note: this setting does not in our experience prevent YouTube videos from auto-playing.
Virtual Reality
Firefox Data Collection and Use
We choose not to automatically share technical and interaction data with anyone, including the application developer.
Security
HTTPS Only Mode
If a website does not support HTTPS then don't use it.
There is no excuse for not website administrators not to add an SSL Certificate to their domain.
Good hosting providers enable you to issue a free Let's Encrypt SSL Certificate for use with your website, email and domain.
Read more: How to issue an SSL Certificate.
First Party Isolation
"XS-Leaks (Cross-Site Leaks) Attacks Affect All Modern Web Browsers".
The Hacker News recommend that Firefox users enable First Party Isolation to reduce the risk of Cross-Site Leaks (also called XS-Leaks) when browsing.
First Party Isolation is not enabled by default.
To enable, open Firefox and enter the following in the address bar:
- about:config?filter=privacy.firstparty.isolate
Click through the warning screen and enter firstparty.isolate in the search field at the top of the next screen.
If you see:
- privacy.firstparty.isolate = true
then First Party Isolation is enabled (see image below).
If you see:
- privacy.firstparty.isolate = false
then toggle the setting to change it to true (using the button on the right).
When done, close and re-open Firefox.
Browser Add-ons or Extensions
Avoid the temptation to add lots of free add-ons or extensions to your Firefox Browser.
There have been several reports via The Hacker News of compromised browser extensions in recent months.
Only use trusted extensions that are essential to your daily requirements.
In 2023 Mozilla (Firefox developer) introduced a new feature called Quarantined Domains - see next tab.
Quarantined Domains
This new feature was introduced by Mozilla (Firefox developer) in 2023.
Reason: "the openness afforded by the add-on ecosystem could be exploited by malicious actors to their advantage." Source: Mozilla.
Quarantined Domains is in addition to Mozilla's existing capability to remotely disable individual extensions that pose a risk to user privacy and security.
The new feature enables the developer to remotely block some add-ons from running on certain websites for "various reasons, including security concerns".
Not everyone will be happy with this big brother-like approach.
Subscribe to 'The Hacker News' newsletter
Subscribe to The Hacker News Newsletter to be kept informed of important new releases for your Web Browser.
