-
Notifications
You must be signed in to change notification settings - Fork 0
/
Firefox+TorAboutConfigSettings.txt
426 lines (277 loc) · 16.5 KB
/
Firefox+TorAboutConfigSettings.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
## #################################################################### ##
## Firefox+TorAboutConfigSettings.txt
## #################################################################### ##
## Firefox (and Tor) About:Config settings
## 8.18 KB
## >>> READ!!! THESE SETTINGS ARE NOT CONFIGURED IN TOR BY DEFAULT! :
Cookies are Enabled
Referer is not Hidden
Javascript is Enabled
Tab History is Enabled
Local Storage is Enabled
Fonts are Enabled
browser.cache.disk.capacity
browser.cache.offline.capacity
network.http.sendRefererHeader
network.http.referer.XOriginPolicy
network.http.referer.spoofSource
network.http.referer.trimmingPolicy
dom.storage.enabled
webgl.disabled
browser.sessionhistory.max_total_viewers
breakpad.reportURL
browser.send_pings.require_same_host
beacon.enable
dom.event.clipboardevents.enabled
security.ssl3.ecdhe_ecdsa_rc4_128_sha
security.ssl3.ecdhe_rsa_rc4_128_sha
security.ssl3.rsa_rc4_128_md5
security.ssl3.rsa_rc4_128_sha
Here's the Screenshot I took showing the Tor Default Settings > http://tinyurl.com/TorDefault
Here's the Screenshot I took showing Tor after my Security Tweaks > http://tinyurl.com/TorAnonA9
----------------------------------------------------------------
- About:Config -
Your browser/computer might be leaking DNS queries, you can save some kilobytes of transfer by disabling DNS-Prefetching and Link-Prefetching (network.dns.disablePrefetch - True). One very important option is to disable Canvas support > https://addons.mozilla.org/en-US/firefox/addon/canvasblocker
CanvasBlocker | About:Addons > CanvasBlocker Options > Block Mode: Block Everything
----------------------------------------------------------------
Recommended User Agent:
New String > general.useragent.override > Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0
----------------------------------------------------------------
WebRTC can be used to check your local IP address, so for privacy and security reasons you might want to disable it: media.peerconnection.enabled (False)
----------------------------------------------------------------
There is a built-in module in Firefox that improves your security, but steals your privacy and anonymity. The module reports what you download to Google servers to check if the file is infected with any kind of malware.
browser.safebrowsing.appRepURL (Blank)
browser.safebrowsing.downloads.enabled (False)
browser.safebrowsing.enabled (False)
browser.safebrowsing.gethashURL (Blank)
browser.safebrowsing.malware.enabled (False)
browser.safebrowsing.malware.reportURL (Blank)
browser.safebrowsing.reportErrorURL (Blank)
browser.safebrowsing.reportGenericURL (Blank)
browser.safebrowsing.reportMalwareErrorURL (Blank)
browser.safebrowsing.reportMalwareURL (Blank)
browser.safebrowsing.reportPhishURL (Blank)
browser.safebrowsing.reportURL (Blank)
browser.safebrowsing.updateURL (Blank)
services.sync.prefs.sync.browser.safebrowsing.enabled (False)
services.sync.prefs.sync.browser.safebrowsing.malware.enabled (False)
As for Google’s services in Firefox > Set the value of geo.wifi.uri to http://127.0.0.1 (or blank). Firefox uses Google Location Service to determine your physical location, disable it by changing geo.enabled to false.
----------------------------------------------------------------
You shouldn't save any data for caching on your drive, it can be easily recovered even after a long time.
browser.cache.disk.enable (False)
browser.cache.offline.enable (False)
browser.cache.disk.capacity (0)
browser.cache.offline.capacity (0)
----------------------------------------------------------------
- Hiding your referrers -
network.http.sendRefererHeader | Determines when to send the Referer HTTP header.
0: Never send the referring URL
1: Send only on clicked links
2 (default): Send for links and images
^ Set it to 1, or to 0 ^ (0 is the better option but may break a few websites)
----------------------------------------------------------------
network.http.referer.XOriginPolicy
0 (default): Always send
1: Send if base domains match
2: Send if hosts match
^ Set it to 1 ^
----------------------------------------------------------------
network.http.referer.spoofSource:
false (default): real referer
true: spoof referer (use target URI as referer)
^ Set it to true ^
----------------------------------------------------------------
network.http.referer.trimmingPolicy:
0 (default): send full URI
1: scheme+host+port+path
2: scheme+host+port
^ Set it to 2 ^
################ Updated Here ################
Add-ons I use:
HTTPS Everywhere - HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. Download: https://www.eff.org/https-everywhere
NoScript Security Suite - The best security you can get in a web browser! Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks. Download: https://addons.mozilla.org/en-US/firefox/addon/noscript
SSleuth - How strong is your HTTPS connection? SSleuth ranks an established SSL/TLS connection and gives a brief summary of the cipher suite, certificate and other SSL/TLS parameters. Download: https://addons.mozilla.org/en-US/firefox/addon/ssleuth
Cookie Controller - Buttons for managing site cookie permissions, switching global cookie permissions on and off, browsing cookies, and removing cookies. The same functions are included for local and session storage. Download: https://addons.mozilla.org/en-US/firefox/addon/cookie-controller
CanvasBlocker - Blocks the JS-API for modifying <canvas> to prevent Canvas-Fingerprinting.</canvas>. Download: https://addons.mozilla.org/en-US/firefox/addon/canvasblocker
################ Updated Here ################
DOM storage has become a much bigger threat to our privacy than the dreaded cookies were. Unfortunately this technology is certainly set to leave cookies in the dust, so changing the default value of this configuration to false is strongly recommended for security reasons. However, please note that it may cause a few web sites not to work properly at the same time.
dom.storage.enabled (False)
----------------------------------------------------------------
By setting network.prefetch-next to false, we are controlling the following:
Link prefetching, is when a web page hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user request.
network.prefetch-next (False)
----------------------------------------------------------------
webgl.disabled (True)
network.http.pipelining (True)
network.http.pipelining.ssl (True)
network.http.proxy.pipelining (True)
network.http.pipelining.maxrequests (10)
devtools.cache.disabled (True)
----------------------------------------------------------------
Browser.sessionstore.privacy_level
0 = Store extra session data for any site.
1 = Store extra session data for unencrypted
2 = Never store extra session data.
----------------------------------------------------------------
################ Updated Here ################
Reduce the amount of RAM Firefox uses for its cache feature:
browser.sessionhistory.max_total_viewers (0)
Reduce RAM usage to 10MB when Firefox is minimized:
New -> Boolean | config.trim_on_minimize | True
Don't cache HTTP or HTTPS files:
network.http.use-cache (False)
Disable crash reporting to Mozilla:
breakpad.reportURL (Blank)
Disable sending pings to 3rd party content hosts:
browser.send_pings.require_same_host (True)
Disable navigator.sendBeacon:
beacon.enable (False)
Disable letting websites know if you have info from them in your clipboard:
dom.event.clipboardevents.enabled (False)
----------------------------------------------------------------
################ Updated Here ################
Disable the least secure encryption protocols:
(Search RC4 in About:Config)
security.ssl3.ecdhe_ecdsa_rc4_128_sha (False)
security.ssl3.ecdhe_rsa_rc4_128_sha (False)
security.ssl3.rsa_rc4_128_md5 (False)
security.ssl3.rsa_rc4_128_sha (False)
Setting the above modified values disables RC4 in Firefox. RC4 is the least secure encryption protocol and even Microsoft recommends to disable it. Until recently, this was not possible without Youtube breaking.
RAW Paste Data
Firefox (and Tor) About:Config settings
>>> READ!!! THESE SETTINGS ARE NOT CONFIGURED IN TOR BY DEFAULT! :
Cookies are Enabled
Referer is not Hidden
Javascript is Enabled
Tab History is Enabled
Local Storage is Enabled
Fonts are Enabled
browser.cache.disk.capacity
browser.cache.offline.capacity
network.http.sendRefererHeader
network.http.referer.XOriginPolicy
network.http.referer.spoofSource
network.http.referer.trimmingPolicy
dom.storage.enabled
webgl.disabled
browser.sessionhistory.max_total_viewers
breakpad.reportURL
browser.send_pings.require_same_host
beacon.enable
dom.event.clipboardevents.enabled
security.ssl3.ecdhe_ecdsa_rc4_128_sha
security.ssl3.ecdhe_rsa_rc4_128_sha
security.ssl3.rsa_rc4_128_md5
security.ssl3.rsa_rc4_128_sha
Here's the Screenshot I took showing the Tor Default Settings > http://tinyurl.com/TorDefault
Here's the Screenshot I took showing Tor after my Security Tweaks > http://tinyurl.com/TorAnonA9
----------------------------------------------------------------
- About:Config -
Your browser/computer might be leaking DNS queries, you can save some kilobytes of transfer by disabling DNS-Prefetching and Link-Prefetching (network.dns.disablePrefetch - True). One very important option is to disable Canvas support > https://addons.mozilla.org/en-US/firefox/addon/canvasblocker
CanvasBlocker | About:Addons > CanvasBlocker Options > Block Mode: Block Everything
----------------------------------------------------------------
Recommended User Agent:
New String > general.useragent.override > Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0
----------------------------------------------------------------
WebRTC can be used to check your local IP address, so for privacy and security reasons you might want to disable it: media.peerconnection.enabled (False)
----------------------------------------------------------------
There is a built-in module in Firefox that improves your security, but steals your privacy and anonymity. The module reports what you download to Google servers to check if the file is infected with any kind of malware.
browser.safebrowsing.appRepURL (Blank)
browser.safebrowsing.downloads.enabled (False)
browser.safebrowsing.enabled (False)
browser.safebrowsing.gethashURL (Blank)
browser.safebrowsing.malware.enabled (False)
browser.safebrowsing.malware.reportURL (Blank)
browser.safebrowsing.reportErrorURL (Blank)
browser.safebrowsing.reportGenericURL (Blank)
browser.safebrowsing.reportMalwareErrorURL (Blank)
browser.safebrowsing.reportMalwareURL (Blank)
browser.safebrowsing.reportPhishURL (Blank)
browser.safebrowsing.reportURL (Blank)
browser.safebrowsing.updateURL (Blank)
services.sync.prefs.sync.browser.safebrowsing.enabled (False)
services.sync.prefs.sync.browser.safebrowsing.malware.enabled (False)
As for Google’s services in Firefox > Set the value of geo.wifi.uri to http://127.0.0.1 (or blank). Firefox uses Google Location Service to determine your physical location, disable it by changing geo.enabled to false.
----------------------------------------------------------------
You shouldn't save any data for caching on your drive, it can be easily recovered even after a long time.
browser.cache.disk.enable (False)
browser.cache.offline.enable (False)
browser.cache.disk.capacity (0)
browser.cache.offline.capacity (0)
----------------------------------------------------------------
- Hiding your referrers -
network.http.sendRefererHeader | Determines when to send the Referer HTTP header.
0: Never send the referring URL
1: Send only on clicked links
2 (default): Send for links and images
^ Set it to 1, or to 0 ^ (0 is the better option but may break a few websites)
----------------------------------------------------------------
network.http.referer.XOriginPolicy
0 (default): Always send
1: Send if base domains match
2: Send if hosts match
^ Set it to 1 ^
----------------------------------------------------------------
network.http.referer.spoofSource:
false (default): real referer
true: spoof referer (use target URI as referer)
^ Set it to true ^
----------------------------------------------------------------
network.http.referer.trimmingPolicy:
0 (default): send full URI
1: scheme+host+port+path
2: scheme+host+port
^ Set it to 2 ^
################ Updated Here ################
Add-ons I use:
HTTPS Everywhere - HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. Download: https://www.eff.org/https-everywhere
NoScript Security Suite - The best security you can get in a web browser! Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks. Download: https://addons.mozilla.org/en-US/firefox/addon/noscript
SSleuth - How strong is your HTTPS connection? SSleuth ranks an established SSL/TLS connection and gives a brief summary of the cipher suite, certificate and other SSL/TLS parameters. Download: https://addons.mozilla.org/en-US/firefox/addon/ssleuth
Cookie Controller - Buttons for managing site cookie permissions, switching global cookie permissions on and off, browsing cookies, and removing cookies. The same functions are included for local and session storage. Download: https://addons.mozilla.org/en-US/firefox/addon/cookie-controller
CanvasBlocker - Blocks the JS-API for modifying <canvas> to prevent Canvas-Fingerprinting.</canvas>. Download: https://addons.mozilla.org/en-US/firefox/addon/canvasblocker
################ Updated Here ################
DOM storage has become a much bigger threat to our privacy than the dreaded cookies were. Unfortunately this technology is certainly set to leave cookies in the dust, so changing the default value of this configuration to false is strongly recommended for security reasons. However, please note that it may cause a few web sites not to work properly at the same time.
dom.storage.enabled (False)
----------------------------------------------------------------
By setting network.prefetch-next to false, we are controlling the following:
Link prefetching, is when a web page hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user request.
network.prefetch-next (False)
----------------------------------------------------------------
webgl.disabled (True)
network.http.pipelining (True)
network.http.pipelining.ssl (True)
network.http.proxy.pipelining (True)
network.http.pipelining.maxrequests (10)
devtools.cache.disabled (True)
----------------------------------------------------------------
Browser.sessionstore.privacy_level
0 = Store extra session data for any site.
1 = Store extra session data for unencrypted
2 = Never store extra session data.
----------------------------------------------------------------
################ Updated Here ################
Reduce the amount of RAM Firefox uses for its cache feature:
browser.sessionhistory.max_total_viewers (0)
Reduce RAM usage to 10MB when Firefox is minimized:
New -> Boolean | config.trim_on_minimize | True
Don't cache HTTP or HTTPS files:
network.http.use-cache (False)
Disable crash reporting to Mozilla:
breakpad.reportURL (Blank)
Disable sending pings to 3rd party content hosts:
browser.send_pings.require_same_host (True)
Disable navigator.sendBeacon:
beacon.enable (False)
Disable letting websites know if you have info from them in your clipboard:
dom.event.clipboardevents.enabled (False)
----------------------------------------------------------------
################ Updated Here ################
Disable the least secure encryption protocols:
(Search RC4 in About:Config)
security.ssl3.ecdhe_ecdsa_rc4_128_sha (False)
security.ssl3.ecdhe_rsa_rc4_128_sha (False)
security.ssl3.rsa_rc4_128_md5 (False)
security.ssl3.rsa_rc4_128_sha (False)
Setting the above modified values disables RC4 in Firefox. RC4 is the least secure encryption protocol and even Microsoft recommends to disable it. Until recently, this was not possible without Youtube breaking.
create new paste / dealsnew! / api / trends / syntax languages / faq / tools / privacy / cookies / contact / dmca / scraping / go
Site design & logo © 2017 Pastebin; user contributions (pastes) licensed under cc by-sa 3.0 -- Dedicated Server Hosting by Steadfast