10

Firefox about:config settings for security

Submitted by aiwendil in security_culture (edited )

I would like to get a list of firefox configuration settings for enhanced security. These can be used to help make Tor browser more secure, but should only be done in that case by more advanced users that understand the implications of their actions. For the most part these are just settings that will make your Firefox browsing experience more secure.

webgl.disabled=true #disables webgl, good to do if you don't need it.

privacy.resistFingerprinting=true #tells firefox to resist browser fingerprinting(see https://panopticlick.eff.org/)

privacy.firstparty.isolate=true #helps prevent cross domain tracking

privacy.trackingprotection.enabled=true #firefox built in tracker blocking (uses disconnect.me's tracker list)

browser.cache.offline.enable=false #disable offline cache

browser.safebrowsing.phishing.enabled=false #increases privacy, could be a security risk, disable at your own risk

browser.safebrowsing.malware.enabled=false #increases privacy, could be a security risk, disable at your own risk

browser.send_pings=false #prevents websites from tracking your clicks

browser.sessionstore.max_tabs_undo=0 #prevents firefox from storing a list of closed tabs

browser.urlbar.speculativeConnect.enabled=false #disable autocomplete function from loading website content.

javascript.enabled=false #disable javascript

dom.storage.enabled=false #disable dom storage

dom.battery.enabled=false #prevents websites from tracking your battery status

dom.event.clipboardevents.enabled=false #prevent websites from accessing your clipboard

geo.enabled=false #disable geolocation

media.navigator.enabled=false #prevent websites from tracking microphone and camera status

network.cookie.cookieBehavior=1 #only accept cookies from the site issuing them

network.cookie.lifetimePolicy=2 #delete cookies at the end of this session

network.dns.disableIPv6=true #disable IPv6 as it may leak your mac address

browser.safebrowsing.enabled=false #turn off safebrowsing all together

##ssl settings

security.tls.version.min=3 #set minimum tls version to 3

security.ssl3.ecdhe_ecdsa_rc4_128_sha=false #disable insecure ssl

security.ssl3.ecdhe_rsa_rc4_128_sha=false #disable insecure ssl

security.ssl3.rsa_rc4_128_md5=false #disable insecure ssl

security.ssl3.rsa_rc4_128_sha=false #disable insecure ssl

security.ssl3.rsa_des_ede3_sha=false #disable insecure ssl

security.ssl.require_safe_negotiation=true #require safe negotiation

security.ssl.treat_unsafe_negotiation_as_broken=true #treat unsafe negotiation as broken

Comments

You must log in or register to comment.