Hardening Firefox

February 2018 update: There is a handy site called Firefox Profilemaker that poses a few questions and, based on your answers, generates a custom privacy-optimized Firefox profile.

January 2018 update: The Privacy Tools page has a section how to change Firefox's about:config settings for security.

October 2017 update: Here is a link to a guide on 'Configuring/Hardening Firefox for Security and Privacy'.

September 2016 update: Arch Linux's wiki entry on Firefox tweaks is also good.

May 2016 update: the details here, and more, are covered in much greater depth at this link. I am deprecating this post.

Out of the box Firefox has a lot of "features" that leak information about your browsing and provide targets for malicious attacks. Let's talk about fixing this in Firefox 41 (and maybe older and newer versions as well).

about:config

Some of Firefox's unwanted features can be turned off in the options GUI. Here the desirable settings are pretty clear (e.g., it's obvious that you would want to check the box next to "tell sites not to track me" or whatever.) But if you want to see all Firefox's options, you need to use the about:config screen (which you get to by typing about:config in the address bar). Some of the about:config options mentioned below might already have been toggled to a safe default by your choices in the options GUI. Nonetheless, my advice is to make sure the following settings are such:

Note: the about:config screen shows in bold any settings that have been changed from the default.

Extensions

I recommend a few extensions. Some are for privacy and security, others are just to make the browsing experience a bit better.

Other neat things

Here are some other interesting changes you can make.

Further reading

I drew on a few sites for this post.