Mozilla Firefox
The following are some steps to disable various features in Mozilla Firefox. Note that some menu options may change between versions or may appear in different locations depending on the host operating system. You should adapt the steps below as appropriate.
To edit the settings for Mozilla Firefox, select Tools, then Options.
You will then see an Options window that has a Category row at the top and the features for that category below.
Privacy Category
Under the Privacy category, you will find options for browser History and Cookies. In the History section, disable the option to Remember what I enter in forms and the search bar. If the browser remembers these options, it can be a privacy violation, especially if the browser is used in a shared environment. Visited page and download history can be disabled here too.
In the Cookie section, select ask me every time. This will help make it clear when a web site is attempting to set a cookie.
Example of what happens when a user is prompted to save a cookie:
When the user is prompted, the contents of the cookie can be viewed and the user can select whether to Deny, Allow for Session, or Allow the cookie. This gives the user more information about what sites are using cookies and also gives more granular control of cookies as opposed to globally enabling them. Select Use my choice for all cookies from this site to have the browser remember your decision so that you will not be prompted each time you return to the site. Clicking the Allow for Session button will cause the cookie to be cleared when the browser is restarted. If prompting for each cookie is too excessive, the user may wish to select the Keep until: I close Firefox option. This will prevent web sites from being able to set persistent cookies.
Remove Stored Cookies from FireFox
Remove stored cookies from the FireFox browser by selecting Tools, Options, Privacy tab.
Select the Exceptions button from the Cookies section of the dialog box.
Highlight the cookies to be removed and click on the Remove Cookie button.
Click on the Close button when finished.
Main Category
Under this section, you can set Firefox as your default browser. Also select the option Always ask me where to save files. This will make it more obvious when a web page attempts to save a file to your computer.
Security Category
Many web browsers will offer the ability to store login information. In general, we recommend against using such features. Should you decide to use the feature, ensure that you use the measures available to protect the password data on your computer. Under the Security category, the Passwords section contains various options to manage stored passwords, and a Master Password feature to encrypt the data on your system. We encourage you to use this option if you decide to let Mozilla Firefox manage your passwords.
The Warn me when sites try to install add-ons option will display a warning bar at the top of the browser when a web site attempts to take such an action.
Content Category
The Content category contains an option to Enable Java. Java is a programming language that permits web site designers to run applications on your computer. We recommend disabling this feature unless required by the trusted site you wish to visit. Again, you should determine if this site is trustworthy and whether you want to enable Java to view the site’s content. After you are finished visiting the site, we recommend disabling Java until needed again.
Setting Advanced Java Features
In order to modify the Advanced Java settings, select the option to Enable Java on the Content dialog box and then select the Advanced button.
We recommend disabling all of the options displayed in this dialog.
Manage Actions taken when Files are Downloaded
The Content section has an option to modify actions taken when files are downloaded. Any time a file type is configured to automatically open with an associated application, this can make the browser more dangerous to use. Vulnerabilities in these associated applications can be exploited more easily when they are configured to automatically open. Click the Manage button to view the current download settings and modify them if necessary.
The Download Actions dialog will show the file types and the currently configured actions to take when the browser encounters such a file.
For any selected file in the Download Actions dialog box, either change or remove action assigned to the file type. This increases the amount of user action required to launch the associated applications, and will therefore help prevent automated exploitation of vulnerabilities that may exist in these applications.
From the Change Action dialog box, make any necessary changes for the file type. Click on the OK button when finished.
Clearning Private Data in FireFox 1.5 or later
Firefox 1.5 and later include a feature to Clear Private Data. This option will remove potentially sensitive information from the web browser. Select Clear Private Data from the Tools menu to use this privacy feature.
Because Firefox does not have easily-configured security zones like Internet Explorer, it can be difficult to configure the web browser options on a per-site basis. For example, a user may wish to enable JavaScript for a specific, trusted site, but have it disabled for all other sites. This functionality can be added to Firefox with an add-on, such as NoScript.
With NoScript installed, JavaScript will be disabled for sites by default. The user can allow scripts for a web site by using the NoScript icon menu. Scripts can be allowed for a site on a temporary or a more permanent basis. If Temporarily allow is selected, then scripts are enabled for that site until the browser is closed.
(back)