Jump to content

My Firefox Settings

From Copper9 Wiki
Revision as of 10:54, 18 May 2026 by Admin (talk | contribs)

Note: This article is imported from an old note-taking app and may be outdated.

Core Modifications & Bloatware Removal

Some guides, such as the Spyware Watchdog Mitigation Guide, recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.

Navigate to your Firefox features directory and remove unnecessary add-ons:

cd /usr/lib/firefox/browser/features
doas rm *.xpi

List of bundled plugins commonly removed:

  • firefox@getpocket.com.xpi — Pocket
  • followonsearch@mozilla.com.xpi — Follow-On Search
  • activity-stream@mozilla.org.xpi — Activity Stream
  • screenshots@mozilla.org.xpi — Screenshots
  • onboarding@mozilla.org.xpi — Onboarding
  • formautofill@mozilla.org.xpi — Autofill
  • webcompat@mozilla.org.xpi — Web Compatibility Reporter

Configuration Tweaks (about:config) (if user.js does not cover them)

Privacy, Security & Networking

accessibility.blockautorefresh
Set to true to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. (via Pedantic Software)
browser.sessionstore.interval
Set to a very high value to reduce disk writes and SessionStore tracking.

Additional Hardening Actions

  • Disable Firefox SessionStore: Search for browser.sessionstore in about:config and disable relevant telemetry/saving mechanisms.
  • Disable CSS Visited Links: Mitigates history-sniffing vulnerabilities. Read the Reddit discussion here.

User.js Templates & Generators

Instead of manually configuring about:config, you can use pre-configured user.js files.

TODO: Add information about how to set up user.js here.

Generators:

  • ffprofile.com — Interactive user.js generator.
    • Note on User-Agent Spoofing: While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint more unique (alternative tools list). Because Firefox's engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see Willhouse or WhatIsMyBrowser.

Popular Pre-configured Templates:

  1. Arkenfox (Highly recommended, well-known)
  2. Pyllyukko (Security focused)
  3. Narsil's user.js (Privacy focused) (I use this one)
  4. Vulpes
  5. Narsil's user.js for Pale Moon (Privacy focused)
  6. krathalan config
  7. simeononsec FireFox Script
  8. vermaden's Sensible Setup

Extensions & Add-ons

  • ximatrix: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. Source code available here.
  • Chrome Extensions on Firefox: Firefox has introduced capabilities for importing Chrome extensions. Read the Slashdot coverage.
  • Extension Restrictions: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read 12bytes' analysis and their uBlock suggested settings.

Browser UI & Maintenance Tweaks

TODO update this part with my settings My settings are

Going to settings and.

General:

Open links in tabs instead of new windows -> enabled

Show an image preview when you hover on a tab -> disabled

Fonts -> Allow pages to choose their own fonts instead of your selections above -> disabled

Language -> English US

Webpage language -> Request English versions of web pages for enhanced privacy -> True

Enable full page translations -> disabled

Check spelling as you type -> false

Enable PiP video controls -> false

control media via keyboard headset or virtual interface -> false

enable link previews -> disabled

Home:

Homepage and new windows -> blank page

new tabs -> blank page

Search:

Switch to a better search engine (lite.duckduckgo.com or my own searxng and 4get instances)

Show search suggestions -> disabled

Privacy and Security:

Strict tracking protection -> fix major site issues -> disabled

Tell websites to not to sell or share my data -> enabled (enabled DNT too by using the secret about config entry)

Clear cookies and site data every time you close firefox -> true

do not save passwords, payment, address

clear history when firefox closes -> true

permissions -> disallow everything

block popups and 3rd party redirect -> true

warn if websites install extensions -> true

data collection -> disallow everything

https only mode -> enable

dns over https -> max protection with a privacy friendly provider

Comprehensive Hardening Guides & Reading