Web Browser Settings

The security and privacy settings of the Web Browser you use can usually be tightened to improve the protection of your Personal Data, your Hosting Account and your Website.

There are many different Web Browser applications available for you to use.

We like Firefox.

If you use Firefox and want to review how you can tighten its privacy and security settings then you may find the next section useful.

The settings described in this article should also provide some pointers for tightening the settings in all Web Browsers.

Whichever Web Browser application you use, we recommend that you:

  • frequently check it is the latest available version and release;
  • enable Browser Security Features;
  • adjust settings to protect your privacy, for example, block third party cookies;
  • ensure cookies and browser cache is automatically deleted when you close your browser;
  • frequently close and re-open your browser to clear cookies and cache;
  • disable the storing of usernames and passwords;
  • ignore website pop-ups which tell you to download a browser update, and
  • use the DuckDuckGo search engine to protect your privacy when searching the web.

There are some Web Browser settings which you not want to tighten.

These might include:

  • image display and
  • use of Javascript.

Blocking the display of images may spoil your enjoyment when visiting a website.

Blocking the use of Javascript may prevent dropdown menu and accordion elements from working.

Enhanced Tracking Protection = Strict will prevent websites from displaying external Twitter (X) Feeds.

Read more: How to respond when Dropdown Menus do not work in Chrome.

 

Firefox

The settings illustrated here will enhance privacy and security when using the Firefox Web Browser.

Periodically review your browser's privacy and security settings to check your preferred settings have not changed.

Firefox Search Settings

We recommend DuckDuckGo because it offers the highest level of protection of your privacy when using the internet.

Read more: About DuckDuckGo

firefox search default search engine

 

Firefox Privacy and Security Settings

We recommend changing the default Standard level of Tracking Protection.

Strict Tracking Protection includes the blocking of nefarious 3rd party tracking cookies, including cross-site cookies.

Read more: Mozilla Support - Third-party Trackers

firefox 1 enhanced tracking protection

Read more: Enhanced Tracking Protection in Firefox

We recommend changing the default setting to Delete cookies and site data when Firefox is closed.

Thereafter, frequent closure of your Web Browser will clear cookies and the commensurate surveillance of your activity online.

firefox 2 cookies and site data

It is a no-brainer to not let your Web Browser store login details in its cache!

firefox 3 logins and passwords

History of your search activity will only be hidden from other users of your device.

firefox 4 history

Disable all the Permissions listed below if you are concerned about protecting your Privacy.

Also tape over the webcam in your device, both of them if using a smartphone or tablet.

And hold private conversations out of earshot of your device's microphone, even when you have disabled it!

It could after all be remotely re-enabled if your device is compromised.

firefox 5 permissions

Location

firefox 5 permissions 1 location permissions

Camera

firefox 5 permissions 2 camera settings

Microphone

firefox 5 permissions 3 microphone settings

Speaker Selection

firefox 5 permissions 3 microphone settings

Notifications

firefox 5 permissions 4 notification permissions

Autoplay

Note: this setting does not in our experience prevent YouTube videos from auto-playing.

firefox 5 permissions 5 autoplay

Virtual Reality

firefox 5 permissions 6 virtual reality permissions

We choose not to automatically share technical and interaction data with anyone, including the application developer.

firefox 6 data collection and use

firefox 7 security

If a website does not support HTTPS then don't use it.

There is no excuse for not website administrators not to add an SSL Certificate to their domain.

Good hosting providers enable you to issue a free Let's Encrypt SSL Certificate for use with your website, email and domain.

Read more: How to issue an SSL Certificate.

firefox 8 https only mode

"XS-Leaks (Cross-Site Leaks) Attacks Affect All Modern Web Browsers".

Source: The Hacker News

The Hacker News recommend that Firefox users enable First Party Isolation to reduce the risk of Cross-Site Leaks (also called XS-Leaks) when browsing.

First Party Isolation is not enabled by default.

To enable, open Firefox and enter the following in the address bar:

  • about:config?filter=privacy.firstparty.isolate

Click through the warning screen and enter isolate in the search field at the top of the next screen.

If you see:

  • privacy.firstparty.isolate = true

then First Party Isolation is enabled (see image below).

first party isolate firefox

If you see:

  • privacy.firstparty.isolate = false

then toggle the setting to change it to true.

When done, close and re-open Firefox.

Avoid the temptation to add lots of free add-ons or extensions to your Firefox Browser.

There have been several reports via The Hacker News of compromised browser extensions in recent months.

Only use trusted extensions that are essential to your daily requirements.

In 2023 Mozilla (Firefox developer) introduced a new feature called Quarantined Domains - see next tab.

This new feature was introduced by Mozilla (Firefox developer) in 2023.

Reason: "the openness afforded by the add-on ecosystem could be exploited by malicious actors to their advantage." Source: Mozilla.

Quarantined Domains is in addition to Mozilla's existing capability to remotely disable individual extensions that pose a risk to user privacy and security.

The new feature enables the developer to remotely block some add-ons from running on certain websites for "various reasons, including security concerns".

Not everyone will be happy with this big brother-like approach.

Read more: New Firefox Feature blocks risky Add-ons

Read more: Firefox Add-ons Blocklist

 

Subscribe to 'The Hacker News' newsletter

Subscribe to The Hacker News Newsletter to be kept informed of important new releases for your Web Browser.

Read more: Subscribe to The Hacker News Newsletter

 

Web Browser Settings

The security and privacy settings of the Web Browser you use can usually be tightened to improve the protection of your Personal Data, your Hosting Account and your Website.

There are many different Web Browser applications available for you to use.

We like Firefox.

If you use Firefox and want to review how you can tighten its privacy and security settings then you may find the next section useful.

The settings described in this article should also provide some pointers for tightening the settings in all Web Browsers.

Whichever Web Browser application you use, we recommend that you:

  • frequently check it is the latest available version and release;
  • enable Browser Security Features;
  • adjust settings to protect your privacy, for example, block third party cookies;
  • ensure cookies and browser cache is automatically deleted when you close your browser;
  • frequently close and re-open your browser to clear cookies and cache;
  • disable the storing of usernames and passwords;
  • ignore website pop-ups which tell you to download a browser update, and
  • use the DuckDuckGo search engine to protect your privacy when searching the web.

There are some Web Browser settings which you not want to tighten.

These might include:

  • image display and
  • use of Javascript.

Blocking the display of images may spoil your enjoyment when visiting a website.

Blocking the use of Javascript may prevent dropdown menu and accordion elements from working.

Enhanced Tracking Protection = Strict will prevent websites from displaying external Twitter (X) Feeds.

Read more: How to respond when Dropdown Menus do not work in Chrome.

 

Firefox

The settings illustrated here will enhance privacy and security when using the Firefox Web Browser.

Periodically review your browser's privacy and security settings to check your preferred settings have not changed.

Firefox Search Settings

We recommend DuckDuckGo because it offers the highest level of protection of your privacy when using the internet.

Read more: About DuckDuckGo

firefox search default search engine

 

Firefox Privacy and Security Settings

We recommend changing the default Standard level of Tracking Protection.

Strict Tracking Protection includes the blocking of nefarious 3rd party tracking cookies, including cross-site cookies.

Read more: Mozilla Support - Third-party Trackers

firefox 1 enhanced tracking protection

Read more: Enhanced Tracking Protection in Firefox

We recommend changing the default setting to Delete cookies and site data when Firefox is closed.

Thereafter, frequent closure of your Web Browser will clear cookies and the commensurate surveillance of your activity online.

firefox 2 cookies and site data

It is a no-brainer to not let your Web Browser store login details in its cache!

firefox 3 logins and passwords

History of your search activity will only be hidden from other users of your device.

firefox 4 history

Disable all the Permissions listed below if you are concerned about protecting your Privacy.

Also tape over the webcam in your device, both of them if using a smartphone or tablet.

And hold private conversations out of earshot of your device's microphone, even when you have disabled it!

It could after all be remotely re-enabled if your device is compromised.

firefox 5 permissions

Location

firefox 5 permissions 1 location permissions

Camera

firefox 5 permissions 2 camera settings

Microphone

firefox 5 permissions 3 microphone settings

Speaker Selection

firefox 5 permissions 3 microphone settings

Notifications

firefox 5 permissions 4 notification permissions

Autoplay

Note: this setting does not in our experience prevent YouTube videos from auto-playing.

firefox 5 permissions 5 autoplay

Virtual Reality

firefox 5 permissions 6 virtual reality permissions

We choose not to automatically share technical and interaction data with anyone, including the application developer.

firefox 6 data collection and use

firefox 7 security

If a website does not support HTTPS then don't use it.

There is no excuse for not website administrators not to add an SSL Certificate to their domain.

Good hosting providers enable you to issue a free Let's Encrypt SSL Certificate for use with your website, email and domain.

Read more: How to issue an SSL Certificate.

firefox 8 https only mode

"XS-Leaks (Cross-Site Leaks) Attacks Affect All Modern Web Browsers".

Source: The Hacker News

The Hacker News recommend that Firefox users enable First Party Isolation to reduce the risk of Cross-Site Leaks (also called XS-Leaks) when browsing.

First Party Isolation is not enabled by default.

To enable, open Firefox and enter the following in the address bar:

  • about:config?filter=privacy.firstparty.isolate

Click through the warning screen and enter isolate in the search field at the top of the next screen.

If you see:

  • privacy.firstparty.isolate = true

then First Party Isolation is enabled (see image below).

first party isolate firefox

If you see:

  • privacy.firstparty.isolate = false

then toggle the setting to change it to true.

When done, close and re-open Firefox.

Avoid the temptation to add lots of free add-ons or extensions to your Firefox Browser.

There have been several reports via The Hacker News of compromised browser extensions in recent months.

Only use trusted extensions that are essential to your daily requirements.

In 2023 Mozilla (Firefox developer) introduced a new feature called Quarantined Domains - see next tab.

This new feature was introduced by Mozilla (Firefox developer) in 2023.

Reason: "the openness afforded by the add-on ecosystem could be exploited by malicious actors to their advantage." Source: Mozilla.

Quarantined Domains is in addition to Mozilla's existing capability to remotely disable individual extensions that pose a risk to user privacy and security.

The new feature enables the developer to remotely block some add-ons from running on certain websites for "various reasons, including security concerns".

Not everyone will be happy with this big brother-like approach.

Read more: New Firefox Feature blocks risky Add-ons

Read more: Firefox Add-ons Blocklist

 

Subscribe to 'The Hacker News' newsletter

Subscribe to The Hacker News Newsletter to be kept informed of important new releases for your Web Browser.

Read more: Subscribe to The Hacker News Newsletter