Configuring Firefox

This is the bare minimum necessary to configure Firefox so that it behaves in a reasonable manner.
This document was last updated on 23 October 2025 and was tested with a clean install of Firefox 144.
Thanks to those who send corrections (this means you, prahou)!
Verify these steps each time Firefox is updated.

1. Download my policies.json file and install it:
   • Linux: /etc/firefox/policies/
   • MacO's: Firefox.app/Contents/Resources/distribution/
   • Windows: stop using Windows. Apparently you have to find firefox.exe and make a distribution directory there and put the file there? Toy OS. Garbage.
2. Go to uBlock Origin and click Add to Firefox
   This will filter out most of the advertisements on websites, saving you a shitload of network traffic (and if your computer is slow, not having to show all that crap is a big speedup). Once you get it set up you can just ignore it, but if you care it will tell you how much stuff it's blocked on your behalf.
3. Go to LocalCDN and click Add to Firefox
   Most websites load the same files over and over from the same places -- primarily Google servers. This thing puts all that right in your browser, making for less network traffic and denies Google the privilege of inspecting your usage patterns. Once it's installed you can ignore it.
4. Open a new tab. Click the gear icon in the upper-right corner and uncheck all of it. If you don't have the gear icon in a new tab, go to Settings -> Home and uncheck everything under Firefox Home Content.
5. Open a new tab and paste about:preferences into the URL bar.
   1. In General, scroll to Browsing:
      1. Uncheck "Recommend extensions as you browse"
      2. Uncheck "Recommend features as you browse"
   2. In Home:
      1. Set "Homepage and new windows" and "New Tabs" to "Blank Page"
      2. Uncheck everything.
   3. In Search:
      1. Set your preferred search engine under "Default Search Engine."
      2. Uncheck "Show search suggestions."
      3. Uncheck "Show recent searches."
      4. Turn off "Improve the Firefox Suggest experience."
      5. Delete search engines you don't like from "Search Shortcuts."
   4. In Privacy and Security:
      1. Under Enhanced Tracking Protection, set to Strict.
         (It might break something, but I haven't found what.)
      2. Check "Tell websites not to sell or share my data."
      3. Scroll to "Firefox Data Collection and Use":
         1. Uncheck Allow Firefox to send technical and interaction data to Mozilla.
            (Mozilla has never looked at this information, so it's a waste of your bandwidth.)
         2. Uncheck Allow Firefox to install and run studies
            (This is how they test bad ideas on your computer.)
         3. Uncheck Send daily usage ping to Mozilla
      4. Scroll to Website Advertising Preferences:
         1. Uncheck, if possible, Allow websites to perform privacy-preserving ad measurement.
            Firefox Mobile does not have this toggle. See below for an alternative approach.
            (There is no privacy-preserving ad measurement.)
      5. Scroll to Security:
         1. Uncheck Block dangerous and deceptive content.
            Firefox Mobile does not have this toggle. See below for an alternative approach.
            (It does this by checking your browsing against a list you have no control over and it's a pain in the ass to inspect.)
         2. Uncheck Query OCSP responder servers...
            (This works by asking some third party about the sites you're visiting. The danger it protects you from is very rare and probably not worth sending your browser history to internet randos in realtime.)
6. Open a new tab and type about:config into the URL bar. Click I accept the risk.
   On Firefox Mobile, go to the url chrome://geckoview/content/config.xhtml instead.
1. Paste browser.send_pings into the search box. Make sure the value is false.
   ("Browser pings" exist only to track you. There is no other reason for them to exist. Anyone telling you otherwise is your enemy.)
2. Paste beacon.enabled into the search box. Make sure the value is false.
   (These are almost indistinguishable from "browser pings" and are also only used for tracking you.)
3. Paste browser.ml.chat.enabled into the search box. Make sure the value is false.
   (This turns off the AI garbage that Mozilla is inexplicably convinced anyone asked them for.)
4. Paste datareporting.policy.dataSubmissionEnable into the search box. Make sure the value is False.
   (This is a catchall. Technically it overlaps with some other settings here, but better safe than sorry.)
5. Paste datareporting.healthreport.uploadEnabled into the search box. Make sure the value is False.
   (This is mozilla spying directly on you, collecting informationa about your browser performance.)
6. Unless you are blind, paste accessibility.force_disabled into the search box. Make sure the value is 1.
   (This feature is only of value if you use a screen reader. Every other use of this feature is an attack.)
7. Paste dom.serviceWorkers.enabled into the search box. Double-click on true so it turns to false.
   (Service workers provide little user benefit and are frequently abused by ad networks. If you are trying to use some fancy-ass web experience, this might break it.)
8. Paste network.IDN_show_punycode into the search box. Double-click on false so it turns to true.
   (This prevents people using bullshit alphabets from showing lookalike domain names.)
9. Paste geo.enabled into the search box. Double-click on true so it turns to false.
   
10. Paste geo.provider.network.url into the search box. Double-click to edit, empty it, and save.
    (This stops firefox from sending your wifi info to Google.)
11. Paste network.http.speculative-parallel-limit into the search box. Make sure the value is 0.
    (This stops Firefox from trying to guess what you'll click next and downloading everything it guesses.)
12. Paste network.predictor.enabled into the search box. Make sure the value is false.
    (More of the same.)
13. Paste network.dns.disablePrefetch into the search box. Make sure the value is true.
    (Yep, this too.)
14. Paste network.prefetch-next into the search box. Make sure the value is false.
    (Are you detecting a pattern)
15. Paste extensions.pocket.enabled into the search box. Make sure the value is false.
    (This is Mozilla's attempt to get you to save the contents of things you read to their servers.)
16. Paste browser.urlbar.trimURLs into the search box. Double-click on true so it turns to false.
    (This setting hides part of the address you've loaded, because someone at Mozilla thought it was prettier that way. We disable it because we don't want the browser to lie to us.)

Bonus round: save battery by killing AI

1. Paste browser.ml.linkPreview.enabled into the search box. Make sure the value is false.
   (This chews through your power and bandwidth to generate "previews" when you hover over a link.)
2. Paste browser.ml.chat.enabled into the search box. Make sure the value is false.
   (Mozilla has, for some reason, shipped a chatbot in Firefox. This turns it off.)
3. Paste browser.ml.enable into the search box. Make sure the value is false.
   (This is a catchall which disables "AI" features. It overlaps with some of the other settings here, but will hopefully stop future crap from running.)
   
4. Paste browser.tabs.groups.smart.enabled into the search box. Make sure the value is false.
   (Mozilla would like to rearrange the UI from time to time. This tells it not to.)
5. Paste browser.tabs.groups.smart.userEnabled into the search box. Make sure the value is false.
   (This does the same as the last one, but flips a different switch.)
6. Paste extensions.ml.enabled into the search box. Make sure the value is false.
   (This should disable the LLM plugin entirely.)
7. Things specific to Firefox Mobile
   Do these things in chrome://geckoview/content/config.xhtml
1. To disable "Allow websites to perform privacy-preserving ad measurement," set dom.private-attribution.submission.enabled to false.
2. To disable "Query OCSP responder servers," set security.OCSP.enabled to 0.
3. To disable "Block dangerous and deceptive content", set browser.safebrowsing.downloads.enabled to false.

Optional extra steps

• Add your own search engines: In about:config paste in "browser.urlbar.update2.engineAliasRefresh", make sure the "Boolean" radio button is selected, and click the plus sign on the far right. It should default to true. Now you can revisist the Search section and use the Add button you just earned. Use the form https://www.wiby.me/?q=%s with whatever search engine you want, using %s to stand in for the search term.
• Disable Firefox's inbuilt password manager and use a better one -- preferably one not integrated into your browser. Disable "Autofill" both for addresses and credit cards.
• Install the Cookie AutoDelete addon.
  This deletes tracking data when you close a tab. You can whitelist websites where you want to stay logged in. Make sure to click on it and enable Auto-clean!
• In about:config, find dom.event.clipboardevents.enabled and dom.allow_cut_copy and set them to false.
  This stops sites from tracking what you select, copy, or paste; it also stops sites from directly manipulating your clipboard. Turning these off may break sites like Google Docs or Office 365, so if you need those, skip this step.
• In about:config, find media.autoplay.default and set it to 5, which blocks all autoplaying. Other values include 2 to prompt and 1 to autoplay without sound. Why isn't '5' the default? Because browser vendors are your enemies. In its defense, Netflix will break with this setting.
• In about:config, paste the text ui.prefersReducedMotion, click the 'Number' option and the then the + button to the right. Set the value to 1 and click the checkbox to the right. This turns off all of the stupid tabs sliding around and so on.
• In about:config, find network.trr.mode and set it to 3. Then find network.trr.uri and set it to https://doh.mullvad.net/dns-query or https://dns.njal.la/dns-query. This forces all your DNS to the set endpoint using DoH. This effectively bypasses any local resolver you may have, such as a PiHole. In addition, many institutional networks block public DoH resolvers as a matter of policy. Be ready to revert network.trr.mode if DNS stops working in your browser.
• In about:config, find privacy.resistFingerprinting and set it to true. This makes it much harder for websites to infer your identity from browser idiocyncrasies. A lot of websites malfunction when this feature is activated. Be ready to revert this setting if something you use a lot falls over.
• In about:config, find media.peerconnection.enabled and set it to false.
  This disables WebRTC, which works by establishing direct connections between people's browsers -- potentially leaking information about your computer or network. However, WebRTC is used in some videoconferencing sites. If you're trying to video chat and it's not working you might need to turn this back on.
• In about:config, find browser.cache.disk.enable and set it to false. Find browser.cache.memory.capacity and set it to 512000. Find media.memory_cache_max_size and set it to 256000. This significantly reduces the amount of disk I/O for caching, which is much easier on your SSD. These settings may cause performance problems in Firefox. Experiment to find the right balance between healthy caching and performance.
• In about:config, find sidebar.revamp and set it to false.
  This turns off the waste of screen space on the left-hand side. For now.
• Go to DDG Privacy Essentials and click Add to Firefox
  This thing blocks a lot of advertising spyware and gives you a report on how abusive a given website is. You don't have to care, though.

This guide is the bare minimum I'll do to use the web. If you are interested in a more comprehensive guide, a better and more complete guide is available, so use that instead.