Safe Browsing settings in Firefox

From Proxmox VE
Jump to: navigation, search

Introduction

Till recently (FF v36), Firefox options were being faithfully obeyed. If the updates were disabled, it remained so. Not anymore. Firefox first included their own chat called Hello Chat (codenamed Loop) that required access to the internet both ways (port 80) and promptly opened the Windows firewall if it found it blocked - on every invocation! This suite of internet dependant features were later expanded to include Pocket. Pocket is a popular read-it-later service that allows you to save web pages for reading later. Mozilla is tying up with various Web Service providers and the bouquet of Firefox integration is set to expand.

Loop and Pocket config settings

For now, the Windows firewall remains untouched if the following settings in "about:config" url in the browser are set:

loop.enabled = false
pocket.enabled = false (only on later browsers)

Manual Update settings

One of the reasons to set Firefox to be manually updated is because some important addons many not be compatible with the newer Firefox versions.

Even this Firefox option to manually update fails to be obeyed in its recent versions removing the user's choice of disabling updates.

The menu navigation to achieve it has traditionally been:

Tools => Options => Advanced Tab => Update Sub Tab =>

  • Firefox updates section => Never check for updates radio choice
  • Automatically update section => Search Engine checkbox unticked.

This now needs to be buttressed with the following file changes:

Edit the C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js file and replace "release" to "false" or some random string so that the Update URL remains invalid. (Your %PROGRAMFILE% variable may be different).

On a fresh installation of Firefox, it will generally automatically update itself and this can be seen in the Help => About Firefox screen. The above edit should prevent it.

Addons Updation settings

Further settings in the "about:config" page that prevent auto updates to addons and logging defaults are:

app.update.auto = false
app.update.enabled = false
app.update.log = true
app.update.service.enabled = false
app.update.url = ...blank.... => Remove the URL value!
browser.search.update = false
browser.search.update.log = true
browser.startup.homepage = http://www.google.com.ca
browser.startup.page = 0
datareporting.healthreport.uploadEnabled = false
devtools.scratchpad.recentFilePaths = ...blank.... => Remove the URL value!
network.http.speculative-parallel-limit = 0
network.prefetch-next = false

Other possible tweaks that may be altered at will:

browser.newtab.url = about:blank
browser.search.countryCode = CA
browser.search.region = CA

Firefox Hello does media sharing using SSDP/UPnP (Roku or Chromecast): According to bugzilla this can not be disabled, but the following "about:config" manages it now by default:

browser.casting.enabled = false

Firewall Port Openings

Firefox seems to use TCP/IP connection for some kind of inter process communication. There is traffic across these connections, as soon as you start it up. This doesn't warrant opening to everything the way it does, at least not without notifying the user. But it's been doing it for a while. You can restrict the rules to only apply to and from localhost (127.0.0.1), without any detriment.

Bookmarks - Backup and Restore

Traditionally, Firefox bookmarks were in a bookmarks.html file. It now resides in places.sqlite, places.sqlite-shm and places.sqlite-wal files in C:\Documents and Settings\%USER%\Application Data\Mozilla\Firefox\Profiles\%FFprofile%.default folder. In a subfolder under it called bookmarkbackups where bookmarks backups are stored in files with .jsonlz4 extension. Deleting the places.* files while having the last jsonlz4 file in the bookmarkbackups folder. This will re-create the places.* files restoring the last known good backup of the bookmarks.

References