Firefox: some security settings to improve your privacy in 2021

deadeyes
4 min readSep 2, 2021

--

There’s not too much to explain here; when you want to stop WEBrtc and connectionpeer leaking your real IP address through a VPN, you do best to switch to Firefox. 2021 is the year chrome is definitely starting to suck, be warned.

Get Firefox first, then make some small adjustments to prevent your real IP leaking through VPNs and such. It’s all about privacy.

I’ll just drop the screenshots here, these were all done in Firefox v 91.0.2. but should stay the same for the foreseeable future.

Guide:

Go to about:config first and click “accept the risk” if you accept it of course :)

firefox about config
Firefox about config
in the normal Firefox settings at the bottom you’ll find the “network settings”
switch to Cloudflare over HTTPS (faster and more secure, reliable)
adjust to custom settings like shown above

Next, get the Malwarebytes anti-malware tool (it has a free plan, but also a paid plan that’s excellent!)
At the very least, install the FREE browser guard to get the most common nasty stuff out.
Get it here: https://www.malwarebytes.com/browserguard

Malwarebytes

Next you can also install “Ghostery” if you like, to further flush tracking online and enhance your privacy.

Get it here: https://www.ghostery.com/products/

To test / adapt your setup:

TEST 1: After restarting Firefox (to be sure) and starting your VPN (or not, depends on how well you want to hide) you can go to : https://www.doileak.com/classic.html Run the test and see if your webrtc and webgl is correctly disabled and not leaking your IP. This would already greatly improve your privacy, even without a VPN, some nasty plug-ins on websites can’t directly connect to you that way (or at least, have a more difficult time in order to do so).

There’s also a test on the browser privacy on itself:
https://tenta.com/test/

When you run the Do-i-leak test… you’ll get something like this screenshot below.

exaple test result

If there aren’t any RED statuses shown on the test result page, you’ll be fine.

To further finetune:

You’ll still have an ip leak on pure http requests, but that’s also preventable by using “https everywhere” option.

To adapt this in Firefox do the following
1- Click the menu button and select Settings in Firefox
2- Select Privacy & Security from the left menu
3- Scroll down to HTTPS-Only Mode and Select “Enable HTTPS-Only Mode in all windows”.
(see https://support.mozilla.org/en-US/kb/https-only-prefs ) for details

Additionally, I would recommend installing a pi-hole and running some good ad and tracking blockers on it. But that’s for another guide.
https://pi-hole.net/

Alternatively you can use Cloudflare for teams to adjust your DNS and a custom block list. https://www.cloudflare.com/en-gb/teams/

DNS:

You can use some DNS servers that value your privacy by manually changing your DNS server on to something better.
check https://servers.opennicproject.org/ or just use things like dns.watch or https://blog.uncensoreddns.org/

If you really want to enhance the privacy some further, or by pass some restrictions on streaming, you’re going to have to get a good VPN.

For casual use (even in-browser) : https://windscribe.com/
For more: https://protonvpn.com/ (various tiers)
If you want to have a more advanced setup there’s also Shellfire VPN, with a settop box like system to rout everything on you network over the VPN tunnel.
https://www.shellfire.net/

There’s also the Firefox adon (from Mozilla itself) to have an e-mail alias generated at places where you don’t want to put in your real e-mail address.
This ‘relay’ service places a firefox e-mail alias in the textbox and will redirect these emails to your real mailbox. You can easily delete and replace these aliases (capped at 5 in total). This allows you to have throw-away mail addresses, right from your browser, without using dodgy services or registering your own throw away shields.
Check their relay addon here: https://relay.firefox.com/accounts/profile/

There are many more services of course, but these are the ones I recommend right now.

deadeyes

--

--

deadeyes

Ik schrijf kortverhalen, technische info, verhalen en opinies over economie, maatschappij en leven in Antwerpen.