How to Secure Your Firefox Browser

Stay safe while browsing the web

Firefox browser

The browser wars rage on. Some people love Google Chrome, some choose Safari. Firefox seems to be pretty stable, except for the occasional random shutdown or two. Firefox also has some great security features that make it our preferred browser of choice.

Hackers also like Firefox because it allows them to do all kinds of nasty stuff such as using a plug-in called Firesheep to capture web traffic at coffee shops and other open public Wi-Fi hotspots.

Let's focus on how you can make your Firefox web-browsing experience a safer one. Follow the tips below to help fortify your Firefox browser:

Turn on Firefox's 'Do Not Track' feature:

There is a privacy-related feature in Firefox that tells websites that you don't want to have your actions tracked by the website you are visiting. This doesn't mean that websites will respect your privacy or fulfill your request, but it at least makes your intentions known. Hopefully, some sites will honor your wishes.

To enable the Do Not Track feature:

  1. Click on the Firefox Preferences menu.
  2. Choose the Privacy tab.
  3. Check the box that says Tell websites that I don't want to be tracked

Turn on Firefox's Phishing and malware blocking features

Another couple of security features in Firefox that are worth enabling are its built-in phishing and malware protection. These features check the site you are attempting to connect to against a list of known phishing or malware sites and alert you when you try to connect to a known bad site. The list is updated every 30 minutes in order to stay current.

To enable Firefox's built-in Phishing and Malware blocking feature.

1. Click on the Firefox Preferences menu.

2. Choose the Security Tab.

3. Check the boxes for "Block Reported Attack Sites" and "Block Reported Web Forgeries".

The phishing and malware feature is not a substitute for dedicated malware and virus protection, but it will act as a second layer of defense in your overall defense-in-depth security strategy.

Install the Noscript Anti-XSS and Anti-Clickjacking Firefox add-on

Allowing scripts to run on web pages is a double-edged sword. Scripts are used by site designers to do all kinds of necessary stuff like load and format content, provide navigation elements necessary for the site to function, and other stuff, however, scripts can also be used by malware developers and phishers for clickjacking and cross-site scripting attacks.

The Noscript add-on puts you in the driver seat and lets you decide which of the sites that you visit are allowed to execute scripts. You will obviously want to enable sites you trust such as your bank. It may take a while to enable all the sites you trust as you will have to visit them and click the "Allow" button for each site you want to allow scripts to run on. After a few days or so you won't even know it's there until you visit a site that you normally don't frequent.

If you notice that a site doesn't seem to be working after you have the Noscript add-on loaded it is probably because you forgot to click the "Allow" scripts button for that site. You can also "forbid" sites that you previously allowed if you feel like a site might have been compromised.

To add Noscript to Firefox:

  1. Go to the Mozilla Add-ons Site.
  2. Search for noscript
  3. Click on the Add to Firefox button to the right of the add-on.
  4. Follow the on-screen instructions to install Noscript.

Turn on Firefox's pop-up blocker

Unless you like pop-ups interrupting your browsing every two minutes, the pop-up blocker is one of those must-have features that you will want to make sure is turned on. You can always add exceptions for sites that require pop-ups like certain shopping or banking sites.

To enable Firefox's pop-up blocker:

  1. Click on the Firefox Preferences menu.
  2. Choose the Content Tab.
  3. Check the Block pop-up windows box

Please note that if you're using Firefox 9.x or later for Windows then most of these settings will be located under the Tools menu under Options.