notkshitij/Betterfox
1
0
Fork 0
mirror of https://github.com/yokoffing/Betterfox.git synced 2026-06-12 15:40:48 +05:30
Code Issues Releases Wiki Activity

Updated Optional Hardening (markdown)

yokoffing
2023-10-10 14:35:53 -04:00
parent d2c6e80063
commit 1daefa13c0
1 changed files with 28 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Optional-Hardening.md
+28 -26
@@ -28,20 +28,14 @@ user_pref("browser.firefox-view.feature-tour", "{\"screen\":\"\",\"complete\":tr
*** ***
### Password management across devices ### Password management across devices
Disable saving passwords, credit cards, and addresses if you use a password manager. Disable saving passwords, credit cards, and addresses.
:bulb: We recommend using [Bitwarden](https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/) to manage your credentials on multiple devices. :bulb: We recommend using [Bitwarden](https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/) to manage your credentials on multiple devices.
#### Logins & passwords
* `☰` *→ Settings → Privacy & Security → Logins and Passwords → Ask to save logins and passwords for websites*
```javascript ```javascript
// PREF: disable password manager // PREF: disable password manager
user_pref("signon.rememberSignons", false); user_pref("signon.rememberSignons", false);
```
#### Addresses & credit cards
* `☰` *→ Settings → Privacy & Security → Forms and Autofill*
```javascript
// PREF: disable address and credit card manager // PREF: disable address and credit card manager
user_pref("extensions.formautofill.addresses.enabled", false); user_pref("extensions.formautofill.addresses.enabled", false);
user_pref("extensions.formautofill.creditCards.enabled", false); user_pref("extensions.formautofill.creditCards.enabled", false);
@@ -63,8 +57,8 @@ user_pref("urlclassifier.features.socialtracking.skipURLs", "");
Do not show top sites when you click on the address bar. Do not show top sites when you click on the address bar.
* `☰` *→ Settings → Privacy & Security → Address Bar → Shortcuts* * `☰` *→ Settings → Privacy & Security → Address Bar → Shortcuts*
```javascript ```javascript
// PREF: restore top sites dropdown suggestions with empty query // PREF: do not show top sites dropdown suggestions with empty query
user_pref("browser.urlbar.suggest.topsites", false); // Shortcuts (Top Sites) user_pref("browser.urlbar.suggest.topsites", false);
``` ```
*** ***
@@ -72,10 +66,6 @@ user_pref("browser.urlbar.suggest.topsites", false); // Shortcuts (Top Sites)
### HTTPS-Only Mode ### HTTPS-Only Mode
We already [block](https://github.com/yokoffing/Betterfox/blob/df5fc26a1bdccd30e01f3c1dfe69a09a2c050410/Securefox.js#L810-L827) HTTP subresources from loading on HTTPS pages and [attempt to upgrade](https://github.com/yokoffing/Betterfox/blob/df5fc26a1bdccd30e01f3c1dfe69a09a2c050410/Securefox.js#L545-L550) HTTP site navigation to HTTPS. We already [block](https://github.com/yokoffing/Betterfox/blob/df5fc26a1bdccd30e01f3c1dfe69a09a2c050410/Securefox.js#L810-L827) HTTP subresources from loading on HTTPS pages and [attempt to upgrade](https://github.com/yokoffing/Betterfox/blob/df5fc26a1bdccd30e01f3c1dfe69a09a2c050410/Securefox.js#L545-L550) HTTP site navigation to HTTPS.
* `☰` *→ Settings → Privacy & Security → HTTPS-Only Mode*
To add to your overrides, choose between two options below.
#### Option 1: Private windows only #### Option 1: Private windows only
Firefox will get explicit permission from you before connecting to a site insecurely in [Private Browsing](https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history) (Firefox [incognito mode](https://support.mozilla.org/en-US/kb/common-myths-about-private-browsing)). Firefox will get explicit permission from you before connecting to a site insecurely in [Private Browsing](https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history) (Firefox [incognito mode](https://support.mozilla.org/en-US/kb/common-myths-about-private-browsing)).
```javascript ```javascript
@@ -152,19 +142,7 @@ You can allow exceptions if you want to stay logged in to some sites.
*** ***
### Secure DNS ### Secure DNS
Setup and enforce DNS-over-HTTPS (DoH). Setup and enforce [DNS-over-HTTPS](https://support.mozilla.org/en-US/kb/firefox-dns-over-https) (DoH).
#### Mode
`3` has site-exceptions with a nice UI on the error page.
* `☰` *→ Settings → Privacy & Security → DNS over HTTPS → Manage Exceptions*
:warning: Set to `2` if your workplace or university causes issues with alternative DNS.
```javascript
// PREF: enforce DNS-over-HTTPS (DoH)
user_pref("network.trr.mode", 3);
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
```
#### Provider #### Provider
Use the provider below for better [threat protection](https://quad9.net/service/threat-blocking/). Use the provider below for better [threat protection](https://quad9.net/service/threat-blocking/).
@@ -175,6 +153,30 @@ Use the provider below for better [threat protection](https://quad9.net/service/
user_pref("network.trr.uri", "https://dns.quad9.net/dns-query"); user_pref("network.trr.uri", "https://dns.quad9.net/dns-query");
``` ```
#### Option 1: Increased Protection
[Increased Protection](https://support.mozilla.org/en-US/kb/dns-over-https#w_protection-levels-explained) will switch back to your local provider if there are any issues.
:bulb: Use this setting if your workplace or university causes issues with alternative DNS.
```javascript
// PREF: enforce DNS-over-HTTPS (DoH)
user_pref("network.trr.mode", 2);
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
user_pref("network.trr.max-fails", 5);
```
#### Option 2: Max Protection
[Max Protection](https://support.mozilla.org/en-US/kb/dns-over-https#w_protection-levels-explained) displays user-friendly error pages with custom exceptions.
```javascript
// PREF: enforce DNS-over-HTTPS (DoH)
user_pref("network.trr.mode", 3);
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
```
#### Manage exceptions
[Add sites to the Exceptions list](https://support.mozilla.org/en-US/kb/dns-over-https#w_off).
* `☰` *→ Settings → Privacy & Security → DNS over HTTPS → Manage Exceptions*
*** ***
### Require Safe Negotiation ### Require Safe Negotiation