Configuring Mozilla Firefox

In this hands-on activity, you will install and configure either Firefox or LibreWolf.

Page Contents

Step 1: Download and Install Firefox
- Windows
- macOS
- Linux
Step 2: Open and Configure Firefox
Step 3: Install uBlock Origin
Step 4: Configure uBlock Origin
Step 5: Advanced Configuration
Step 6: Uninstall Google Chrome
Step 7: Switch to Linux
Step 8: Ditch Unnecessary Online Services and Remove Apps
Now What?

Step 1: Download and Install Firefox

First, check to see if you already have Firefox installed. If so, you just need to be sure it is updated, and then skip to configuration (below). Otherwise, follow the instructions for your operating system:

Windows

Follow the instructions for either Firefox or LibreWolf:

macOS

Follow the instructions for either Firefox or LibreWolf:

Linux

On Linux systems, Firefox is normally available in the system software repositories.

LibreWolf is available as an AppImage, or it can be installed from Flathub if your system supports Flatpak. Official builds are also available for Debian-based distributions (including Ubuntu) and for Fedora.

Step 2: Open and Configure Firefox

Start Firefox or LibreWolf and find the Settings menu. The location of this menu will differ based on your operating system. In Linux, for example, this menu can be found by clicking the hamburger icon in the upper right corner of the browser window and selecting Settings.

Adjust the following settings. The remainder of the settings that are not listed here aren’t important for our purposes.

Firefox General Settings — **Figure 1:** The General category on the Firefox settings page.

Under the General category (Figure 1):
1. Be sure the “Open previous windows and tabs” option is UNchecked.
2. Under Digital Rights Management (DRM) Content, enable the checkbox only if you use services like Netflix, which require Widevine support. Otherwise, leave this option unchecked.
3. Under Browing, uncheck “Recommend extensions as you browse” and “Recommend features as you browse” (Firefox only).

Firefox Home Settings — **Figure 2:** The Home category on the Firefox settings page.

Under the Home category (Figure 2):
1. Under (Firefox) Home Content, uncheck everything except Web Search.

Firefox Search Settings — **Figure 3:** The Search category on the Firefox settings page.

Under the Search category (Figure 3):
1. Set the Default Search Engine to DuckDuckGo.
2. Turn OFF Search Suggestions. Using Search Suggestions causes everything you type into the address bar to be sent to your search engine.

Firefox Strict tracking protection — **Figure 4:** Setting Firefox enhanced tracking protection to strict mode.

Under the Privacy & Security category:
1. Under Enhanced Tracking Protection, you can try to use Strict mode. If you encounter problems with websites, try Custom mode with all boxes checked, cookies blocked from unvisited websites, and tracking content blocked in all windows. (Figure 4)
  
  Figure 5: Cookies, logins, and forms settings in Firefox.
2. Under Cookies and Site Data, check the option to “Delete cookies and site data when (Firefox/LibreWolf) is closed.” (Figure 5)
3. Under Logins and Passwords, remove the checkbox next to “Ask to save logins and passwords for websites.” You should use a password manager for this purpose, not the web browser.
4. Under “Forms and Autofill” (Firefox), uncheck all the boxes.
  
  Figure 6: Firefox history and suggestions settings.
5. Under History, select “Use custom settings for history” in the dropdown. (Figure 6)
6. Uncheck “Remember browsing and download history” and “Remember search and form history.”
7. Check the box next to “Clear history when (Firefox/LibreWolf) closes.”
  
  Figure 7: Firefox history clearing settings.
8. Click the Settings button next to the previous item. Check all boxes, except perhaps for Site settings (optional). It is really important that cache and offline website data are removed, as those are possible zombie cookie locations. (Figure 7)
9. Under the Address Bar option, be sure that “Shortcuts” is unchecked. In Firefox, turn OFF all the suggestions sliders and the “Improve the Firefox Suggest experience” (telemetry) slider. (Figure 6)
10. Under each category in Permissions, I recommend blocking new requests for access to each type of data. However, if you will be using online services that require access to one or more of those types of devices, you can leave them in “ask” mode. I strongly suggest disabling notifications in any case, since those may be used to send ads directly to your desktop.
  
  Figure 8: Disabling telemetry in Firefox.
11. In Firefox, remove the checks beside each of the telemetry items under “Firefox Data Collection and Use.” These have been permanently disabled in LibreWolf and are grayed out. (Figure 8)
12. Under Security, if you are on a Linux or macOS system, uncheck the boxes to block dangerous content and downloads. The lists required to implement these blocks must be downloaded periodically from Google, which is a small information leak. However, Windows users should leave these settings enabled, since Windows tends to attract malware.
  
  Figure 9: Enabling HTTPS-Only Mode in Firefox.
13. Under HTTPS-Only Mode, I recommend enabling it in all windows. If you need to visit an HTTP site, there will be a security warning with an override button to bypass it. (Figure 9)
14. In Firefox, do not sign into Sync. If you’re already signed in from a previous installation, I recommend signing out and clearing your data.
  
  Figure 10: LibreWolf-specific settings. Note that this category is only available if you chose to install LibreWolf instead of Firefox.
15. In LibreWolf, under the LibreWolf category, you can leave the settings at the default values unless you have a specific need for WebGL. In that case, you will need to enable it. (Figure 10)

Step 3: Install uBlock Origin

uBlock Origin in Mozilla Addons — **Figure 11:** Searching for uBlock Origin in Firefox addons.

Firefox users:

In the lower right corner of the Settings window, click Extensions & Themes.
On the next page, search for “ublock origin” in the box at the top of the page.
Another tab will open with the addons.mozilla.org address. Verify that the search result is for “uBlock Origin” by author “Raymond Hill.” This extension will have a Recommended icon next to it. (Figure 11)
Click on uBlock Origin, then click the “Add to Firefox” button. Confirm the installation in the dialog that appears.
You will see a notification in the upper right corner when uBlock Origin has been installed. Check the box to allow it to run in private windows.

LibreWolf includes uBlock Origin, so it will be installed automatically if you chose to use LibreWolf.

Step 4: Configure uBlock Origin

**Figure 12:** uBlock Origin preferences page with the LegitimateURLShortener list added.

Firefox users: close the uBlock Origin addons.mozilla.org tab. This should switch you back to the Add-ons Manager tab. LibreWolf users: you can get to the Add-ons Manager via Settings or from the “Add-ons and themes” option in the main menu.
Click the Extensions category.
Click the button with 3 dots next to uBlock Origin, then pick Preferences from the dropdown menu.
Leave the Settings page alone, and switch to the Filter lists page. (Figure 12)
Click the little + signs next to Ads, Privacy, and Malware domains. Turn on all subscriptions in those categories.
Check the box next to Import at the bottom. In the box that appears, put in https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt
Click the Apply Changes button at the top. If available, also click Update now to load the filter lists.

Step 5: Advanced Configuration

Close Firefox or LibreWolf, then restart it. If all is configured properly, you should see an empty tab, or perhaps only a DuckDuckGo search box, when the browser starts.

In the address bar at the top of the window, clear out any text that is already present, and type in about:config before pressing Enter.

Figure 13: Firefox displays a caution message before changing advanced settings. Accept the risk and continue.
You may need to click the “Accept the Risk and Continue” button. (Figure 13)

Figure 14: Disabling the Firefox disk cache.
In the “Search preference name” box, type “browser.cache.disk.enable”
Look for the item browser.cache.disk.enable. If it is set to true, double-click it to set it to false. This setting prevents Firefox or LibreWolf from writing forensically-recoverable cache artifacts back to the hard drive. (Figure 14)

Figure 15: Enabling the fingerprinting resistance setting.
Do the same thing for privacy.resistFingerprinting, only be sure this value is set to true. If you encounter problems with websites, it might be necessary to turn this setting off. (Figure 15)

Figure 16: Adding a preference to Firefox to disable its profile reset non-feature.
In the “Search preference name” box, type in the following with exact capitalization: browser.disableResetPrompt. Be sure the radio button is set to Boolean, and click the + button to add the preference. (Figure 16) The value should default to true automatically. This setting prevents Firefox from asking to reset all its settings back to default values in the future. The completed setting should look like Figure 17.

Figure 17: The added preference to prevent Firefox from prompting for a profile reset in the future.

Step 6: Uninstall Google Chrome

If you had to install Firefox, there is a good chance you’ve been using Google Chrome. However, as we have seen previously in this module, Google Chrome is bad for privacy. Now would be a good time to uninstall it and learn to use Firefox as your daily browser. You might want to make a note of any saved bookmarks and login information before removing Chrome.

(No, I’m not going to grade you on removing Chrome. It’s your choice to keep it if you want to keep it. However, you should realize that everything you do in Chrome is reported back to Google, even if you’re in incognito mode.)

Step 7: Switch to Linux

If you’re running macOS or Windows, we’ve done everything possible to increase your browsing privacy without changing your operating system. However, you should be aware that both operating systems have built-in telemetry that informs Apple and Microsoft of your activities while you’re using your computer. Making the browser private is an important step, but it is ultimately a limited one in the broader context of digital privacy.

To be serious about privacy, you need to consider switching from these proprietary operating systems to an open-source system. Linux or a BSD system would be ideal, although hardware and software support is better these days in Linux. Actually making the switch is beyond the scope of browser privacy, and it does require a commitment to learn new ways of doing things. However, I have to mention the limitations of improving only the browser on the macOS and Windows platforms.

Step 8: Ditch Unnecessary Online Services and Remove Apps

If you can do without invasive services like Facebook (and Google, for that matter), I encourage you to close your accounts. I deleted Facebook several years ago and am in the process of preparing to delete my Google account in a few months. Avoiding the use of such services is one way to improve your privacy.

At the very least, you should uninstall any apps (desktop or on your phone) for these services, and access them only through your privacy-oriented Firefox or LibreWolf installation. Close and restart the browser after you’re done using the invasive service, so that the cookies and other tracking data set by those services do not follow you around the Internet.

Now What?

Take a look at the Privacy Guides website for more ideas of things you can do to improve your online privacy. Do not give in to the corporate overlords just because they make it inconvenient not to do so.

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.