Safe Browsing: 14. Firefox Security Basics

Reader Toolbox   Log in for more tools

14. Firefox Security Basics

The following screens presume you are using Firefox 3.6.3. If you are not, you need to upgrade. The theme I am using is Office 2007 Black. Your screens will look slightly different depending on your preferred theme, but the screen choices should be identical.  Most Firefox users are also IE users, so it will be noted where in IE to find the comparable commands or to indicate how IE handles a particular feature differently.

Add-ons

The Add-ons screen for Firefox is different than the screen in IE, but it enables you to do the same thing- turn Flash and other misbehaving add-ons off when you don't want them running. Firefox uses the older Netscape terminology of "Plug-in" for things like Flash, but it is talking about the same thing.

To open the Add-ons window, in the menu bar click Tools/Add-ons. A dialog box will pop-up.

  • Go to the Plug-ins tab.
  • Click the "Find Updates" button at the bottom edge of the dialog box to check for updates. You may need to do this multiple times as all your plug-ins may need updating. Each update will probably require a restart of your browser.
  • Check the plug-in version number after each restart to ensure the most recent one has been installed.
  • Under plug-ins, disable all entries for PDF, Flash and Shockwave.
  • Disable any other plug-ins you don't recognize or that look suspicious.

This will prevent the Flash player from running at all. Your web pages may have large white space gaps in them (it's amazing what they will stick Flash into) and you may see notices that you have to install Flash player. You don't – you just have to turn it back on.

To re-enable Flash (or any other plug-in), click Tools/Add-ons/Plug-ins, click on the Flash bar, click the Enable button.

Set Browser Options

Go to Tools/Options. In the tabs, from left to right:

General

  • Always ask you where to save a file. This makes file downloads report to you.   (IE always asks where to save files.)
  • There is a button in General that takes you to the Add-ons dialog.

Tabs

Skip.

Content

  • Block pop-up windows. Use the Exceptions button to allow pop-ups from approved sites. You will also be able to do this on the fly. (Located under the Privacy tab in IE. Functions the same.)
  • Check to enable JavaScript, and then click the "Advanced…" button. (IE handles advanced JavaScript by the default security zones under the Security tab. You can customize the settings as desired.)

Uncheck the following:

  • Raise or lower windows. This prevents windows from being moved off the visible screen.
  • Hide status bar. The status bar shows you a lot of information.
  • Change status bar text. This prevents false reporting in the status bar.

Applications

Skip.

Privacy

  • Most privacy settings are hidden by default.
  • Change the drop down menu from "Remember History" to "Use custom settings for history".
  • Decide if you always want to browse in a private browsing session. It is comparable to InPrivate browsing in IE.
  • Set preferred length of time for browsing history.
  • Choose whether you want download, search and form history to be preserved. I generally say no.
  • Uncheck "Accept cookies from sites".
  • Check "Clear history when Firefox closes".
  • Click the "Exceptions" button.
  • Add sites where you will accept cookies. Because you don't have zones, as in IE, you don't have a set of trusted sites. Even so, you can manually create these directly in Firefox. It is worth the time to identify and allow these sites. IE handles these through Security zones.
  • If all you want to accept for a specific site are session cookies, indicate that. IE has a global setting for session cookies in the Privacy/Advanced screen.
  • Click "Close" when done.
  • On the main privacy screen, click "Show Cookies".
  • Review the cookies already on your system. Remove anything you don't recognize and/or don't want. (I recently cleared all Firefox cookies, so my screen is blank.)
  • IE stores cookies in the Temporary Internet Files folder. Firefox shows you the cookies, but not the other files, such as CSS and images.
  • Click "Close" to return to the main Privacy screen.
  • Click on "Settings…"
  • In the Settings for Clearing History screen, select what you want Firefox to clear when you quit the program.
  • I leave browsing history, but delete all the other history information.
  • In IE, History settings are in the General tab. IE does not maintain a download history. It does allow you to selectively keep cookies and temporary files from Favorite web sites, and it will kill active login when you shut down the browser.

Security

  • Check "Warn me when sites try to install add-ons". Click the Exceptions button and remove all sites. Every site that tries to install something needs to ask your permission first! IE handles this with security zone settings.
  • Check "Block reported attack sites". IE handles this with the SmartScreen Filter.
  • Check "Block reported web forgeries". IE handles this with the SmartScreen Filter.
  • As Firefox is not my default browser, I do not allow it to save passwords.

Advanced

This section uses sub tabs. Be sure you check them all out.

General

  • Check "Warn me when web sites try to redirect or reload the page."
  • Check other boxes as desired.

Network

Skip.

Update

  • Check Firefox for automatic updates.
  • Check other automatic updates as desired
  • Select the Firefox download and update option that works best for you. I tell it to ask me what I want to do.
  • IE updates are part of routine Microsoft Update schedules.

Encryption

Skip

Click "OK" to have your changes take effect.

As with IE, I've ended up with a very plain overall look. The menu bar is turned on and some of the add-ons have added their own icons. The Web Developer icon tool bar always displays since my primary use for Firefox is development, not daily web browsing. I can get to several searches with the search drop-down.

That completes a basic security set-up for Firefox. Just as with IE, after you have tightened down your browser settings, you will have a few days where it will be very annoying to visit sites because you will constantly be prompted to make decisions about cookies, asked if you trust a certain web site, have pages be completely blank because they are 100% flash, and so on. This is a good exercise to go through because it will make you very aware of just how the sites you visit are trying to access your computer and stick stuff onto it that is for their benefit, not yours. Persevere and wade through the messages. In a week's time, you will visit all of your regular sites and you will have worked out just how you want them to interact with your machine.


This is a work of fan fiction, written because the author has an abiding love for the works of J R R Tolkien. The characters, settings, places, and languages used in this work are the property of the Tolkien Estate, Tolkien Enterprises, and possibly New Line Cinema, except for certain original characters who belong to the author of the said work. The author will not receive any money or other remuneration for presenting the work on this archive site. The work is the intellectual property of the author, is available solely for the enjoyment of Henneth Annûn Story Archive readers, and may not be copied or redistributed by any means without the explicit written consent of the author.

Story Information

Author: Anglachel

Status: General

Completion: Complete

Era: Other

Genre: Research Article

Rating: General

Last Updated: 06/19/10

Original Post: 06/14/10

Go to Safe Browsing overview

Comments

No one has commented on this story yet. Be the first to comment!

Comments are hidden to prevent spoilers.
Click header to view comments

Talk to Anglachel

If you are a HASA member, you must login to submit a comment.

We're sorry. Only HASA members may post comments. If you would like to speak with the author, please use the "Email Author" button in the Reader Toolbox. If you would like to join HASA, click here. Membership is free.

Reader Toolbox   Log in for more tools