Mozilla Firefox Privacy & Security Settings |
This page presents a guided tour of the major privacy and security preferences within the Mozilla Firefox browser. You will learn how to:
- find the Version of Firefox you're running
- clear the URL History
- clear the Cache
- disable Popups
- disable Java & JavaScript
- disable Automatic Software Installation
- disable, filter, and selectively manage Cookies
If you need more information about the key privacy and security issues that we'll cover on this page (the browser cache, the URL history, active content, and cookies), then see THIS page, which provides a short introduction to these several topics.
Browser Versions Covered
The screenshots you'll see are from Firefox 1.0, which was the latest version of Firefox at the time of writing. Previous versions of Firefox are quite similar to Firefox 1.0, though some of the settings you see below may be slightly different. In some earlier versions of Firefox -- esp. the very early versions known as Phoenix and Firebird -- you may not see the full range of options available in Firefox 1.0.
Firefox is only one of the wbe browsers available from the Mozilla Foundation. For a discussion of the privacy & security settings in the Mozilla Foundation's other web browser, the original Mozilla browser, see THIS page. And see THIS page for a discussion of the privacy and security settings in Netscape 7.0, which is also based on the Mozilla browser.
First Things First: What Version Do You Have? | |
Before we get started, let's figure out what version of Firefox you're running. You should know this information. | |
To find your version of Firefox, click Help >> About Mozilla Firefox on the Firefox menu bar... | |
A dialog box should open up with version information. | |
Right there is big bold letters is your version of Firefox -- Firefox 1.0, in this case. | |
When you have the information you need, close this version box to return to the web page you were on. | |
Configuring the Privacy & Security Options | |
Compared with Internet Explorer, Firefox's privacy and security settings are simpler and easier to manage, though they're more limited and less powerful in some ways. | |
1. | Open the Firefox Options Box |
Open the Options box from w/in Firefox (Tools >> Options). | |
Once the Options box opens, you'll see a number of menus and sub-menus from which Firefox lets you access most of its configuration options. | |
When you open the Options box in Firefox, you start with the General menu option. We select menu item categories from the tree menu on the left -- Firefox displays the corresponding options on the right. Our first major destination is the Privacy sub-menu. | |
The first thing we'll do is clear the URL History and Cache to protect the confidentiality of what we've done on the Net. For more information on the privacy issues involved with the URL History and Cache see THIS page. | |
2. | Clear URL History |
To access the URL History settings, click on the Privacy sub-menu on the left, then click the History option to expand the full range of settings. | |
From this page we can Clear the History and set the History to be kept in number of days. Once you hit the Clear button, it will be greyed out. | |
3. | Clear the Cache |
Still further down on the Privacy sub-menu are the Cache settings, which allow us to clear the Cache and set the Cache size in KB. Click on the Cache option to expand all the settings. | |
Click the Clear button to clean your Cache. | |
Where is the Cache Really Stored? | |
Note that the Cache settings in the Options box do not tell us where the
Cache is located on our hard drive, unlike many other browsers
(including the Mozilla browser).
If you're using Windows 95, Windows 98, or Windows Me, the location on the hard drive is probably: |
|
C:\Program Files\Firefox\Profiles\<user>\<num>\Cache | |
...where <user> is the username of the person currently using Firefox and <num> is a randomly generated directory name (these can look a bit strange). | |
If you're using Windows 2000 or Windows XP, the disk cache will be located here: | |
C:\Documents and Settings\<user>\Application Data\Firefox\Profiles\<user>\<num>\Cache | |
...where <user> is the username of the person logged on to Windows and <num> is a randomly generated directory name (again, a bit strange-looking). | |
Browser cache files can be viewed and manually deleted from this location, just as they can be viewed and manually deleted in Internet Explorer's \Temporary Internet Files folder. Keep in mind, though, that the \Temporary Internet Files folder that you see in your \Documents and Settings, \Windows , or \WINNT directory is for Internet Explorer only, not Firefox. | |
4. | Disable Popups |
The Firefox browser allows us to turn off or disable popups -- those annoying, obnoxious mini-windows that many web sites use to bombard you with advertising. | |
To access Firefox's popup controls, click the Web Features menu option on the left of the Options box. | |
Firefox gives us two basic approaches to popups:
The easiest and most effective approach to popups is to select Block Popup Windows (such as you see in the screenshot above) and then specify exceptions. |
|
There may be web sites that you frequently visit that use popups for
legitimate reasons -- to display additional information about an item, for
example. To allow those web sites to use popups, you can add them to the allowed
sites list (shown in the screenshot above).
Click the Add Site... button to open a dialog box that allows you to add sites to the list: |
|
To add a web site, type the domain name (e.g., uiuc.edu or cnn.com) and then click the OK button. Firefox will add the site to the list of allowed or unblocked sites. | |
The ability to suppress popups is a wonderful feature of the Firefox browser (Opera also has this ability), one that you'll appreciate almost immediately. | |
Popups & JavaScript | |
If you choose to suppress popups, there are fewer reasons to disable JavaScript, which we discuss below. The primary reason that people disable JavaScript is to suppress popups (most popups are created with JavaScript). Some web sites do use JavaScript for things other than popups, however. Some web sites may even require that JavaScript be enabled in order to function properly. Once we've chosen to suppress popups with Firefox's popup controls, however, we can leave JavaScript enabled (if we choose) without fear of being inundated with popups. | |
5. | Disable Java & JavaScript |
Even though we've disabled popups already, we might still want to consider disabling Java and JavaScript -- the two forms of "active content" that Firefox can use. For more information on the privacy and security issues involved with "active content," see THIS page. | |
Firefox's Java and JavaScript settings are also located on the Web Features menu just below the popup settings. | |
Java | |
To disable Java, uncheck the Enable Java checkbox. Note that with Java disabled, some web sites may not work properly. In those cases you can re-enable Java as needed on a site-by-site basis. |
|
JavaScript | |
To disable JavaScript, uncheck the Enable JavaScript box. Note that with JavaScript disabled, some web sites may not work properly. If we wanted to, we could leave JavaScript enabled and disable certain actions in the Advanced JavaScript Options. To access those Advanced options, click the Advanced... button. |
|
Leaving JavaScript enabled but placing limitations on the use of JavaScript allows web pages to use JavaScript, while preventing them from doing some of the more obnoxious things that some web sites do with JavaScript. Also, as we noted above, we can disable popups separately, giving us even fewer reasons to disable JavaScript. | |
So which strategy is better -- disabling JavaScript altogether or enabling/disabling specific actions for JavaScript? It all depends on the user and what that user's tolerance level is for broken web pages -- some web sites require JavaScript in order to function properly. | |
Potential Problems with Java & JavaScript Disabled | |
All of the Java and JavaScript options presented above are global, meaning that they apply to every web site visited. There is nothing in Firefox comparable to the Security zones used by Internet Explorer 4, 5, and 6, or the Privacy tab options seen in Internet Explorer 6. | |
This limitation can present problems when you encounter a web site that requires Java or JavaScript to be enabled in order to function properly. If you disable Java and JavaScript and then encounter a web site that requires either one to function properly, your only option is to re-enable Java or JavaScript. Once you re-enable Java or JavaScript, however, every web site that you visit will be able to make use of JavaScript. | |
JavaScript & Popups | |
One of the primary reasons that users might want to disable JavaScript is to prevent popups, which can be annoying and which are usually created with JavaScript. If you're primarily interested in disabling JavaScript to stop annoying popups, then you might consider simply disabling popups from the Web Features menu, as we did above. That option allows you to keep JavaScript enabled while still blocking popups. | |
6. | Disable Automatic Software Installation |
Firefox can install software automatically from web pages, however, this can be a dangerous option to leave enabled, esp. given that web sites are now starting to tailor their spyware and adware packages to be installed through the Mozilla, Netscape, and Firefox browsers (previously spyware and adware were automatically installed primarily through Microsoft's Internet Explorer browser). | |
Firefox's automatic software installation settings are also located on the Web Features menu just below the popup settings. Uncheck the Allow web sites to install software setting to disable automatic software installation. | |
Once you've disabled this setting, you should keep a few
things in mind:
|
|
Working with Cookies | |
Cookies are small "data tags" that allow web sites to recognize us when we return to those web sites. While cookies can be useful -- say, for being recognized at a web site with which we've registered -- they can also be used by advertisers to track our movements and behavior across the Net. To protect our privacy, we need to configure Firefox's cookie settings so that the browser stores only cookies that we find useful. For more information on the privacy issues involved with cookies, see THIS page. | |
Firefox provides us with a rich set of options for dealing
with cookies. We have two initial, main choices, each of which offers us range of
options. We can:
Additionally, we can use the Stored Cookies box to manage, delete, and block cookies selectively on a case-by-case basis. Let's look at each of these options for dealing with cookies in Firefox and detail what they present us. |
|
1. | Basic Cookie Configuration Options |
To get to Firefox's cookie options, click on the Privacy menu option on the left of the Options box, and then click the Cookies item to expand the Cookies settings. | |
On this menu Firefox gives us a basic set of options for handling cookies:
While these two basic options can be useful tools, those tools are a bit blunt. We may want more control over how Firefox handles cookies from web sites. In fact, our options do go beyond simply enabling and disabling cookies.
|
|
2. | Using the Exceptions List to Filter Cookies |
If we don't want to enable or disable cookies outright, we have still other choices. Instead of enabling or disabling cookies, we can use Firefox's Exceptions list to filter cookies on a site-by-site basis. | |
To access the Exceptions list, select the Exceptions... button. | |
In this Exceptions box we can Block and Allow sites on a site-by-site basis. Note that this is a list of Exceptions to whatever the primary cookie policy happens to be (enable or disable). To add a site to the list, type in the domain name (e.g., cnn.com or uiuc.edu) and hit the Block or Allow button. | |
This Exceptions list gives us the power to leave cookies enabled on the main cookies page (see above) while still blocking cookies from web sites that we'd prefer not to deal with. By turns, we could also disable cookies by default, but specify a small number of web sites that we trust and which we will allow to set cookies. | |
3. | Using the Stored Cookies Box to Manage, Delete, & Block Cookies |
If we simply disable Cookies, some web sites may not work properly. One
solution to this problem is to leave Cookies enabled, but selectively manage and delete cookies
after they're accepted. That way, we keep only the cookies we find useful.
We can easily manage and delete cookies in Firefox by hitting the Stored Cookies.. button, which brings up the Stored Cookies dialog box: |
|
The Stored Cookies box allows us to view and delete the cookies which
have been stored on our system.
If we check the Don't allow sites that set removed cookies to set future cookies at the bottom before removing cookies, the web sites which placed those cookies will be added to the Exceptions list (discussed above) and blocked permanently: |
|
Conclusion | |
I hope you've found this short tour of Firefox's privacy and security features interesting and helpful. If you need more assistance or still have questions, check the following web pages for links to information about web browser privacy and security: | |
© 2002-2004 Eric L. Howes |