Firefox user.js for Security and Privacy

craigevil

Well-Known Member
Joined
Feb 24, 2021
Messages
448
Reaction score
455
Credits
3,078
Does anyone use user.js with Firefox? Post your user.js
Code:
user_pref("beacon.enabled", false);
user_pref("browser.backspace_action", 0);
user_pref("browser.discovery.enabled", false);
user_pref("browser.proton.appmenu.enabled", true);
user_pref("browser.proton.enabled", true);
user_pref("browser.proton.tabs.enabled", true);
user_pref("dom.security.https_only_mode", true);
user_pref("dom.security.https_only_mode_ever_enabled", true);
user_pref("dom.event.clipboardevents.enabled", false);
user_pref("dom.forms.autocomplete.formautofill", false);
user_pref("extensions.pocket.enabled", false);
user_pref("geo.enabled", false);
user_pref("media.peerconnection.enabled", false);
user_pref("network.IDN_show_punycode", true);
user_pref("network.cookie.cookieBehavior", 1);
user_pref("network.dns.disablePrefetch", true);
user_pref("network.http.speculative-parallel-limit", 0);
user_pref("network.predictor.enabled", false);
user_pref("network.prefetch-next", false);
user_pref("network.security.esni.enabled", true);
user_pref("network.trr.custom_uri", "https://dns.nextdns.io/5fae9f");
user_pref("network.trr.mode", 2);
user_pref("network.trr.uri", "https://dns.nextdns.io/5fae9f");
user_pref("privacy.firstparty.isolate", true);
user_pref("privacy.resistFingerprinting", true);
user_pref("privacy.socialtracking.block_cookies.enabled, true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("privacy.trackingprotection.cryptomining.enabled", true);
user_pref("privacy.trackingprotection.fingerprinting.enabled", true);
user_pref("privacy.trackingprotection.pbmode.enabled", true);
user_pref("privacy.trackingprotection.socialtracking.enabled", true);
user_pref("security.ssl.disable_session_identifiers", true);
user_pref("security.ssl.enable_false_start", false);
user_pref("security.ssl.require_safe_negotiation", true);
user_pref("security.ssl3.rsa_des_ede3_sha", false);
user_pref("security.tls.enable_0rtt_data", false);
user_pref("security.enterprise_roots.enabled", true);
user_pref("webgl.disabled", true);
 


I just use add-ons but will be interesting to see what people will be posting here. I actually don't know much about these settings. What's the difference between changing things under about:config and putting them in user.js, the first one is global, the latter is per user/profile?
 
This way if I install Firefox on a new OS, I simply copy my user.js to the new Firefox profile and all of my settings are there.

Plus a couple were either hidden and only available in about:config or were ones I have added to about:config.
 
I just use add-ons but will be interesting to see what people will be posting here. I actually don't know much about these settings. What's the difference between changing things under about:config and putting them in user.js, the first one is global, the latter is per user/profile?
If you like me and dont know how to do user.js then just type the about:config in the URL of the browser and enter then accept then can navigate from there.
 
user.js is basically a copy of the settings you have changed either in the various Firefox settings or in about:config.
You create the user.js file in a text editor, then copy the settings you want from pref.js in your Firefox folder. I keep a backup copy of user.js then any time I install Firefox I just copy it to my new Firefox profile. That way I do not have to go through the hassle of changing all of the settings in about:config.

There are also various user.js versions like ghacks.js and arkenfox that have privacy settings already done for you.
 
You create the user.js file in a text editor, then copy the settings you want from pref.js in your Firefox folder. I keep a backup copy of user.js then any time I install Firefox I just copy it to my new Firefox profile. That way I do not have to go through the hassle of changing all of the settings in about:config.
There are also various user.js versions like ghacks.js and arkenfox that have privacy settings already done for you.
That is above my capability at present.
I wouldnt want to do as you do as by doing that it would only but guarantee the new FireFox browser fingerprint relationship map matched with any prior FireFox browser as i am trying to avoid being fingerprinted by browsers.
 
I pretty much only use Firefox for browsing forums/stack.
Vivaldi for web browsing.
Librewolf for sites I haven't visited before.
And on rare occasions Tor Browser.
 
user_pref("media.peerconnection.turn.disable", true);
user_pref("media.peerconnection.use_document_iceservers", false);
user_pref("media.peerconnection.video.enabled", false);
user_pref("media.peerconnection.identity.timeou", 1);
user_pref("privacy.trackingprotection.fingerprinting.enabled", true);
user_pref("privacy.trackingprotection.cryptomining.enabled", true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("browser.send_pings", false);
user_pref("dom.event.clipboardevents.enabled", false);
user_pref("media.eme.enabled", false);
user_pref("media.gmp-widevinecdm.enabled", false);
user_pref("media.navigator.enabled", false);
user_pref("browser.send_pings", false);
user_pref("network.cookie.cookieBehavior", 1);
user_pref("network.http.referer.XOriginPolicy", 2);
user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
user_pref("webgl.disabled ", true);
user_pref("beacon.enabled", false);
user_pref("network.IDN_show_punycode", true);
user_pref("browser.shell.checkDefaultBrowser", false);
user_pref("browser.startup.page", 3);
user_pref("browser.startup.homepage", "about:blank");
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
user_pref("browser.newtabpage.activity-stream.telemetry", false);
user_pref("browser.newtabpage.activity-stream.feeds.snippets", false);
user_pref("browser.newtabpage.activity-stream.asrouter.providers.snippets", "{}");
user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
user_pref("browser.newtabpage.activity-stream.showSponsored", false);
user_pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
user_pref("browser.newtabpage.activity-stream.default.sites", "");
user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely deceased!");
user_pref("geo.provider.use_gpsd", false);
user_pref("browser.region.network.url", ""); // [FF78+]
user_pref("browser.region.update.enabled", false);
user_pref("intl.accept_languages", "en-US, en");
user_pref("javascript.use_us_english_locale", true);
user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
user_pref("dom.ipc.plugins.reportCrashURL", false);
user_pref("extensions.getAddons.showPane", false);
user_pref("toolkit.telemetry.unified", false);
user_pref("toolkit.telemetry.enabled", false); // see [NOTE] above FF58+
user_pref("toolkit.telemetry.server", "data:,");
user_pref("toolkit.telemetry.archive.enabled", false);
user_pref("toolkit.telemetry.newProfilePing.enabled", false);
user_pref("toolkit.telemetry.shutdownPingSender.enabled", false);
user_pref("toolkit.telemetry.updatePing.enabled", false);
user_pref("toolkit.telemetry.bhrPing.enabled", false);
user_pref("toolkit.telemetry.firstShutdownPing.enabled", false);
user_pref("toolkit.telemetry.coverage.opt-out", true);
user_pref("toolkit.coverage.opt-out", true);
user_pref("toolkit.coverage.endpoint.base", "");
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("datareporting.policy.dataSubmissionEnabled", false);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("browser.discovery.enabled", false);
user_pref("breakpad.reportURL", "");
user_pref("browser.tabs.crashReporting.sendReport", false);
user_pref("browser.crashReports.unsubmittedCheck.enabled", false);
user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
user_pref("captivedetect.canonicalURL", "");
user_pref("network.captive-portal-service.enabled", false);
user_pref("network.connectivity-service.enabled", false);
user_pref("extensions.blocklist.enabled", true);
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
user_pref("browser.safebrowsing.downloads.remote.url", "");
user_pref("app.normandy.enabled", false);
user_pref("app.normandy.api_url", "");
user_pref("browser.ping-centre.telemetry", false);
user_pref("extensions.formautofill.creditCards.available", false);
user_pref("extensions.formautofill.creditCards.enabled", false);
user_pref("extensions.formautofill.heuristics.enabled", false);
user_pref("extensions.formautofill.available", "off");
user_pref("extensions.formautofill.addresses.enabled", false);
user_pref("extensions.webcompat-reporter.enabled", false);
user_pref("network.http.speculative-parallel-limit", 0);
user_pref("browser.send_pings", false);
user_pref("browser.send_pings.require_same_host", true);
user_pref("network.dns.disableIPv6", true);
user_pref("network.http.altsvc.enabled", false);
user_pref("network.http.altsvc.oe", false);
user_pref("network.proxy.socks_remote_dns", true);
user_pref("browser.urlbar.speculativeConnect.enabled", false);
user_pref("signon.autofillForms", false);
user_pref("signon.formlessCapture.enabled", false);
user_pref("network.auth.subresource-http-auth-allow", 1);
user_pref("general.useragent.override","Mozilla/5.0 CK={} (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko");
 
Hi to all! This looks interesting.
I come from the arkenfox script.
To be honest, I am new to Linux.
And I would like to know if you know how I should apply it in Firefox on my Linux distribution.
Thank you.
 
Hi to all! This looks interesting.
I come from the arkenfox script.
To be honest, I am new to Linux.
And I would like to know if you know how I should apply it in Firefox on my Linux distribution.
Thank you.
First off, open FF and type into URL = about:config
then accept the warning - then type into the new window search = geo.enabled
then to the right of geo.enabled click and the setting change to = false
then type into search = privacy.resistFingerprinting and click to make is say = true.

These 2 settings i usually do immediately upon setting up browser manually along with hardening the browser settings in the GUI.

Then your browser will produce a randomised fingerprint different per tab and per session.

I would advise against running a script if your intentions are to blend in with others on FF and remain more private, unless theres many people using the same script which could work, i my self dont do scripts though.

I would love to know which setting in FF i need to stop FF seeing my device info i.e. which machine im using etc?
 

Members online


Latest posts

Top