A Beginner’s Guide to Setting Up Firefox for Security and Privacy

Eric Ransom Writing Projects Other Stuff Contact

Header image

A Beginner’s Guide to Setting Up Firefox for Security and Privacy

Goal of this guide

This short guide is intended to show users how to set up Firefox to increase security and privacy while minimizing exposure to ads, trackers, and other malicious web content. I wanted to make a simple step-by-step guide that anyone could follow and end up with a solid browser setup in about 10-15 minutes.

Reasons to use Firefox over Chrome, Edge, or Safari

Firefox is the only one of these browsers that is developed by a non-profit organization.

Mozilla has long been an organization fighting for a more open, secure, and private internet. You can read more about their goals on their website. This is in stark contrast to Google, which makes the vast majority of its income from serving targeted advertisements. Google has every incentive to track your browsing habits for profit.

Firefox can do everything other browsers can do. All of the browsers mentioned above are well-maintained software that work well on almost all web sites. Except for very specific use cases, all of the browsers will provide a similar user experience on the web. Why not choose the option that prioritizes your privacy and security, all else being roughly equal?

Install Firefox and a few Add-ons

First, you will want to install Firefox from the Mozilla website. You should only get Firefox or Firefox Add-ons from the mozilla.org domain. You can get the browser here:

Firefox for Desktop

Run the installer, and run Firefox once it has been installed. It will likely ask you whether you want to make Firefox your default browser, and I recommend accepting this. If you are not prompted to do this, you can manually change this in the Options menu. Click on the Firefox menu button > click options > and the default browser option will be near the top of the “General” tab under “Startup”

Next, there are a few Add-ons that I recommend installing:

HTTPS Everywhere

Makes your web communications more secure by default
Enables HTTPS by default on sites that support it
No manual configuration needed
Developed by the non-profit Electronic Frontier Foundation

Privacy Badger

Automatically blocks invisible trackers such as those used by Facebook and Google to track your online activity
Can speed up websites by blocking unnecessary and malicious website elements
Works out of the box without configuration, but allows for customization for advanced users
Also developed by the Electronic Frontier Foundation

uBlock Origin

Comprehensive blocker for advertisements, trackers, and other malicious content
Works well out of the block, but lots of customization available for advanced users
Open source project that is extremely well-maintained and updated often
If you only install one Firefox Add-on, it should be this one

It is okay to run the default options for all of these addons. They are customizable to specific uses, but the default options work in most cases.

One thing to note is that occasionally one of these Add-ons will break a website you use by accidentally blocking an element on a website. If this happens to you, you can click on each of the individual addons to the right of the Firefox address bar to temporarily or permanently disable the Add-on for a particular site. For example, if you go to a website and then click on the Privacy Badger icon, you will see a large button allowing you to disable the Add-on for the site permanently. This is useful when you know the website is safe but the Add-on is causing the site to break for some reason.

Set up some Firefox options to make your browsing more secure

Setting the following options can improve security and privacy, but it is important to keep in mind that there is sometimes a tradeoff between security and user experience. For example, completely disabling Javascript in your browser will greatly increase security, but it will also completely break many of the websites you frequently use. I would not recommend disabling Javascript because of this.

Here are some options you can set that will increase your security without compromising much usability. First, go to the Firefox Menu, and click “Options” to bring up the Options menu in a new tab.

Under the Search menu on the left pane, find the setting for “Default Search Engine”. Here you can switch which search engine will be used when you type searches into the address bar. I recommend switching this from Google to DuckDuckGo. DuckDuckGo is a privacy-focused search engine which has improved greatly over the past few years and frequently gives the same results as Google. If Google works better for you, this is one of those instances where you can choose user experience over privacy, and that will just come down to personal preference.

The rest of these will be in the Privacy and Security menu. First, you will see Enhanced Tracking Protection. I recommend setting this to “Strict” to block social media trackers and tracking cookies. If you select “Custom”, you can also choose the option to block all third-party cookies, but this may cause some websites to break.

Scroll down to Cookies and Site Data. You will have the option here to delete cookies and site data every time Firefox is closed. This is the more secure option, but it is probably overkill if your PC is secured and only used by you and other trusted people. I would personally leave this option disabled unless this will be a computer in a shared space, as this will ensure users don’t accidentally stay logged in to sites with personal data. You can make the same choice for “History” further down the page.

The next sections are “Logins and Passwords” and “Forms and Autofill”. I would recommend unchecking these options, particularly if you use your own password manager to store passwords. Allowing Firefox to remember all of your sensitive data could be problematic if someone else gets access to your PC, but again this is a personal choice based on the privacy/usability tradeoff.

Permissions. Under this section, you will definitely want to check both “Block pop-up windows” and “Warn you when websites try to install add-ons”. It is rare that you will ever want these, and there is a button here to enter an exception if a site you frequent makes use of pop-ups for some reason.

In this section, you can also restrict your browser’s access to your computer’s hardware such as your camera, location, and microphone. I would recommend clicking on Location and ticking the option to “Block new requests asking to access your location”. I do the same for Notifications and Autoplay since these are just annoyances to me that offer no value. I keep Camera and Microphone unrestricted on my laptop to be able to video conference, but these can also be restricted based on your needs.

Firefox Data Collection and Use. You can decide here whether you want to provide data from your web activity to Firefox to help them improve the software. I have no reason to think that Mozilla is doing anything nefarious with this data, and it is likely quite useful to them when developing new features. If you have no interest in sharing any info, just uncheck all the boxes here.

Deceptive Content and Dangerous Software Protection. I would make sure all the boxes in this section are checked. Firefox uses some built-in protections here to prevent phishing and malware, and I see no reason to disable these.

Conclusion

This setup is a great baseline for more secure and private web browsing. These recommended steps are mostly hands-off once set up, so you should not have to tinker with things much except in the rare cases where you have to disable an Add-on to get a particular website to load properly. There is always more that you can learn about and more steps to take if you’re interested in doing so, but I believe this is a great foundation for browsing the web securely.