From 7fed732a17137bf2f564c8495c88efb04161c59c Mon Sep 17 00:00:00 2001
From: HJ <11689349+yokoffing@users.noreply.github.com>
Date: Mon, 21 Aug 2023 22:00:11 -0400
Subject: [PATCH] Updated Optional Hardening (markdown)

---
 Optional-Hardening.md | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/Optional-Hardening.md b/Optional-Hardening.md
index 98eccc0..65a36fb 100644
--- a/Optional-Hardening.md
+++ b/Optional-Hardening.md
@@ -55,28 +55,23 @@ You can **allow exceptions** if you want to stay logged in to some sites:
 ```
 // PREF: clear browsing data on shutdown, while respecting site exceptions
 user_pref("privacy.sanitize.sanitizeOnShutdown", true);
-user_pref("privacy.clearOnShutdown.history", true);
-user_pref("privacy.clearOnShutdown.downloads", true);
-user_pref("privacy.clearOnShutdown.formdata", true);
-user_pref("privacy.clearOnShutdown.sessions", true);
 user_pref("privacy.clearOnShutdown.offlineApps", true);
-user_pref("privacy.clearOnShutdown.siteSettings", false);
 user_pref("browser.sessionstore.privacy_level", 2);
 ```
 
 ***
 
 ### Secure DNS (DoH setup)
-Mode 3 has site-exceptions with a nice UI on the error page:
-* Go to `☰` *→ Settings → Privacy & Security → DNS over HTTPS → Manage Exceptions*
+1) `network.trr.uri`: Use the one provided, or customize how DoH protects you.
+   * [Create a profile](https://nextdns.io/?from=xujj63g5) with NextDNS and follow our [configuration guide](https://github.com/yokoffing/NextDNS-Config).
 
-For `network.trr.uri`: use the one provided, or customize how DoH protects you:
-1) [Create a profile](https://nextdns.io/?from=xujj63g5) with NextDNS and follow our [configuration guide](https://github.com/yokoffing/NextDNS-Config).
-2) Add your endpoint to `network.trr.uri`.
+2) `network.trr.mode`: Set to `2` if your work or university doesn't allow alternative DNS.
+   * `3` has site-exceptions with a nice UI on the error page:
+      * Go to `☰` *→ Settings → Privacy & Security → DNS over HTTPS → Manage Exceptions*
 ```
 // PREF: enforce DNS-over-HTTPS (DoH)
-user_pref("network.trr.mode", 3); // Max Protection
-user_pref("network.trr.uri", "https://freedns.controld.com/x-hagezi-proplus"); // custom endpoint
+user_pref("network.trr.uri", "https://freedns.controld.com/x-hagezi-proplus");
+user_pref("network.trr.mode", 3);
 user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
 ```