Why Harden Firefox?

Firefox is one of the most privacy-respecting mainstream browsers available, but its default settings still leave room for improvement. Out of the box, Firefox sends telemetry data to Mozilla, allows websites to fingerprint your browser, and does not block all trackers. With a few targeted changes, you can significantly reduce your digital footprint while keeping the browser fully functional for everyday use.

i
Before You Start

These changes are designed for general-purpose privacy. If you need maximum anonymity (whistleblowing, activism in hostile countries), consider using Tor Browser instead. The goal here is to make everyday browsing significantly more private without breaking most websites.

This guide covers Firefox on all desktop platforms (Windows, macOS, Linux). The settings menus and about:config entries are identical across operating systems. Make sure you are running the latest version of Firefox before proceeding.

Enhanced Tracking Protection

Firefox includes a built-in tracking protection system called Enhanced Tracking Protection (ETP). By default, it runs in Standard mode, which blocks known third-party trackers and cryptominers. Switching to Strict mode significantly expands what gets blocked.

Enabling Strict Mode

1
Open Firefox Settings by clicking the hamburger menu (three horizontal lines) in the top-right corner, then select Settings. Alternatively, type about:preferences in the address bar and press Enter.
2
Click Privacy & Security in the left sidebar. Under Enhanced Tracking Protection, select Strict.
3
Firefox will ask you to reload all open tabs. Click Reload All Tabs to apply the changes immediately.

Strict mode blocks the following:

  • Social media trackers (Facebook, Twitter tracking pixels)
  • Cross-site cookies in all windows (not just private browsing)
  • Tracking content in all windows (Standard only blocks in private windows)
  • Cryptominers that hijack your CPU
  • Known fingerprinting scripts
!
Possible Breakage

Strict mode may occasionally break website functionality, particularly sites that rely on third-party authentication or embedded content. If a site breaks, click the shield icon in the address bar and toggle off Enhanced Tracking Protection for that specific site.

Essential about:config Tweaks

Firefox has hundreds of hidden configuration options accessible through about:config. These settings give you fine-grained control over privacy-related behavior that is not exposed in the normal settings interface.

1
Type about:config in the address bar and press Enter. Click Accept the Risk and Continue when warned.

Use the search bar at the top to find each setting. Double-click a boolean value to toggle it, or click the pencil icon to edit string/integer values.

Disable Telemetry

Mozilla collects usage data by default. While they state it is anonymized, there is no reason to send any data if you value privacy. Change these settings: 

toolkit.telemetry.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.archive.enabled = false
datareporting.healthreport.uploadEnabled = false
datareporting.policy.dataSubmissionEnabled = false
browser.ping-centre.telemetry = false
browser.newtabpage.activity-stream.feeds.telemetry = false
browser.newtabpage.activity-stream.telemetry = false

Prevent WebRTC IP Leaks

WebRTC (Web Real-Time Communication) is used for video calls and peer-to-peer connections, but it can leak your real IP address even when using a VPN. This is one of the most important privacy tweaks you can make. 

media.peerconnection.enabled = false
!
Impact on Video Calls

Disabling WebRTC will break browser-based video and voice calls (Google Meet, Jitsi, Discord in-browser). If you need these services, set the value back to true or use a dedicated application instead of the browser.

If you need WebRTC but still want to prevent IP leaks, use this less aggressive option instead: 

media.peerconnection.ice.default_address_only = true
media.peerconnection.ice.no_host = true

Disable Pocket

Pocket is a read-it-later service owned by Mozilla. It is integrated into Firefox and shows recommended articles on the new tab page. Disabling it removes this integration entirely. 

extensions.pocket.enabled = false

Disable Firefox Suggestions and Sponsored Content

browser.urlbar.suggest.quicksuggest.sponsored = false
browser.urlbar.suggest.quicksuggest.nonsponsored = false
browser.newtabpage.activity-stream.showSponsored = false
browser.newtabpage.activity-stream.showSponsoredTopSites = false

Disable Prefetching

Firefox can prefetch pages and DNS entries it thinks you might visit next. While this speeds up browsing, it also sends requests to servers you never intended to visit. 

network.prefetch-next = false
network.dns.disablePrefetch = true
network.predictor.enabled = false
network.http.speculative-parallel-limit = 0

Cookie and History Settings

Cookies are small files that websites store in your browser. They serve legitimate purposes (keeping you logged in) but are also heavily abused for tracking you across the web. Firefox gives you several layers of control over cookie behavior.

Configure Cookie Behavior

In Settings > Privacy & Security, scroll down to Cookies and Site Data. The recommended approach is:

  • Keep cookies enabled (blocking all cookies breaks most websites)
  • Enable Delete cookies and site data when Firefox is closed
  • Use the Manage Exceptions button to whitelist sites you want to stay logged into

With this configuration, you start each browsing session with a clean slate while maintaining logins for sites you trust and use regularly (email, banking, etc.).

History Settings

Under the History section, change the dropdown to Use custom settings for history. This reveals additional options:

  • Uncheck Remember browsing and download history if you want no local traces
  • Uncheck Remember search and form history to prevent autofill of previous searches
  • Enable Clear history when Firefox closes and click Settings to choose what gets cleared
i
Balance Convenience and Privacy

You do not need to clear everything on every close. A practical middle ground is to clear cookies and cache on close, but keep browsing history for your own convenience. Your history is stored locally and does not leave your computer.

HTTPS-Only Mode and DNS over HTTPS

Two of the most impactful privacy features in Firefox are HTTPS-Only mode and DNS over HTTPS (DoH). Together, they encrypt both your web traffic and the DNS queries that reveal which sites you visit.

Enabling HTTPS-Only Mode

HTTPS-Only mode forces all connections to use encrypted HTTPS instead of unencrypted HTTP. If a site does not support HTTPS, Firefox will show a warning before loading it.

1
Go to Settings > Privacy & Security and scroll to the bottom.
2
Under HTTPS-Only Mode, select Enable HTTPS-Only Mode in all windows.

This ensures all your web traffic is encrypted in transit. The vast majority of modern websites support HTTPS, so you will rarely encounter the fallback warning.

Enabling DNS over HTTPS

When you type a website address, your browser sends a DNS query to translate the domain name (like example.com) into an IP address. By default, these queries are sent in plain text, meaning your ISP (and anyone monitoring your network) can see every site you visit. DNS over HTTPS encrypts these queries.

1
Go to Settings > Privacy & Security and scroll down to DNS over HTTPS.
2
Set it to Max Protection. Choose a DNS provider from the dropdown. Cloudflare and NextDNS are popular privacy-respecting options.
Cloudflare (1.1.1.1) Fast, privacy-focused DNS. Audited by independent firms. Logs purged within 24 hours.
NextDNS Configurable DNS with ad/tracker blocking. Free tier available. Logs optional and user-controlled.
Mullvad DNS No-logging DNS from the team behind Mullvad VPN. Add the custom URL manually.

Search Engine and Final Touches

Change Your Default Search Engine

Google is Firefox's default search engine, and every search you make is logged by Google and tied to your profile. Switching to a privacy-respecting search engine is one of the simplest and most effective privacy improvements you can make.

1
Go to Settings > Search. Under Default Search Engine, select an alternative from the dropdown.
DuckDuckGo No tracking, no search profiles. Good general-purpose results. Supports bangs (shortcuts like !w for Wikipedia).
Startpage Serves Google results without Google tracking. Ideal if you want Google-quality results privately.
Brave Search Independent search index (not proxied Google). No user tracking. Growing rapidly in quality.

Additional Recommended Settings

A few more settings worth changing in the normal Settings interface:

  • Settings > Privacy & Security > Permissions: Set Location, Camera, Microphone, and Notifications to "Block new requests" unless you actively use them
  • Settings > Privacy & Security > Firefox Data Collection: Uncheck all boxes under this section
  • Settings > Home: Set homepage and new tabs to "Blank Page" to avoid Mozilla's content recommendations
  • Settings > General > Browsing: Uncheck "Recommend extensions as you browse" and "Recommend features as you browse"
+
You Are Done

With these changes applied, Firefox is now significantly hardened against tracking, fingerprinting, and data collection. For the next layer of protection, install privacy-focused browser extensions -- covered in the Essential Privacy Extensions tutorial.

Related Tutorials