Browser Hardening: Take Back Your Privacy

Your browser knows things about you that would make a private investigator jealous. Every site you visit, every click, every scroll — it's all tracked, catalogued, and monetized. The big browser companies talk a big game about privacy, but at the end of the day, they're in the advertising business. Your data is their product.

But here's the thing: you don't have to play their game. You can take control. Browser hardening isn't about being paranoid — it's about being intentional. It's about deciding what you share and with whom.

Let's make your browser work for you.

Choose Your Weapon

Not all browsers are created equal when it comes to privacy. Here's the honest breakdown:

Firefox

Your best option for a mainstream browser that respects privacy. It's free, open source, and Mozilla (the non-profit behind it) actually fights for user rights. With the right configuration, Firefox is a privacy powerhouse. This guide focuses on Firefox.

Brave

A Chromium-based browser with built-in ad blocking and privacy features. It's come a long way, though some privacy purists worry about its ties to the advertising industry. Good option if you need Chrome extension compatibility.

LibreWolf

A Firefox fork designed from the ground up for privacy. It strips out all the telemetry, includes privacy extensions by default, and locks down settings aggressively. Great if you want the Firefox experience without the configuration work.

The Untouchables

Tor Browser is in a category of its own. It routes your traffic through the Tor network, making traffic analysis practically impossible. But it comes with tradeoffs — sites may break, and it's noticeably slower. Use it when you truly need anonymity, not for everyday browsing.

Pro tip: I use Firefox for daily browsing with hardening, and Tor Browser for sensitive tasks. Having more than one browser isn't paranoia — it's good OPSEC.

Essential Extensions

Extensions are like power tools — incredibly useful in the right hands, dangerous when misused. Be selective. Every extension you add is code running in your browser that can see everything you do.

uBlock Origin (Required)

This isn't optional. uBlock Origin blocks ads, trackers, and malware domains at the network level. It's more effective than any ad blocker extension and uses way less memory.

Install it, then go to the dashboard and enable these lists:

uBlock filters — the default blocking rules
EasyList — standard ad blocking
EasyPrivacy — blocks tracking scripts
Peter Lowe's Blocklist — blocks advertising servers
AdGuard DNS filter — additional blocking

In settings, also enable "I am an advanced user" and add these to "Dynamic filtering":

no-large-media: * true
no-scripting: * true

The first rule blocks large media elements that track you. The second disables JavaScript globally — but that's aggressive. Let's be more surgical.

Privacy Badger (or uMatrix)

Privacy Badger learns what's tracking you and blocks it automatically. It's from the EFF (Electronic Frontier Foundation), so it's trustworthy. It won't break sites as aggressively as uBlock's strict mode.

For the more adventurous, uMatrix gives you pixel-level control over what each site can load. But it requires more setup and maintenance.

ClearURLs

Ever notice those tracking codes in URLs? ?utm_source=twitter&ref=whatever. ClearURLs removes all that garbage automatically, keeping your browsing history cleaner.

Skip Redirect

Many sites don't link to pages directly — they link through tracking redirects first. Skip Redirect bypasses these intermediaries, getting you straight to the destination.

Don't Install

As a rule of thumb, avoid:

Password managers that aren't dedicated, established tools (Bitwarden, 1Password)
VPN extensions (most are just proxy services with poor security)
Free "VPN" services — if it's free, you're the product
Extensions you don't actively use

Firefox Privacy Settings

Now let's dive into Firefox's internal settings. Type about:config in your address bar and hit Enter. You'll see a warning — click "Accept the Risk and Continue". Now you're in the engine room.

Search Settings

browser.search.suggest.enabled = false — stops sending your search queries to providers
browser.urlbar.suggest.searches = false — same deal
keyword.enabled = false — prevents accidentally searching from the address bar

Telemetry (Kill It)

toolkit.telemetry.enabled = false
toolkit.telemetry.archive.enabled = false
datareporting.healthreport.enabled = false
datareporting.healthreport.uploadEnabled = false
browser.newtabpage.activity-stream.feeds.telemetry = false
browser.newtabpage.activity-stream.telemetry = false

Network and Connections

network.cookie.cookieBehavior = 1 — block third-party cookies
network.cookie.cookieThreshold = 1 — reject all cookies except for the current site
network.cookie.lifetimePolicy = 2 — cookies expire at end of session
network.http.referer.XOriginPolicy = 2 — only send referrer to exact domain
network.http.referer.trimmingPolicy = 2 — strip referrer to just the origin

Fingerprinting Protection

Browser fingerprinting is scary — websites can identify you without cookies, just by measuring your browser's unique characteristics. Firefox has built-in fingerprinting protection:

privacy.resistFingerprinting = true — this is the big one
webgl.disabled = true — WebGL can fingerprint your graphics card
media.peerconnection.enabled = false — WebRTC can leak your IP

Miscellaneous Hardening

geo.enabled = false — don't share your location
geo.provider.network.url = "" — disable geolocation API
media.navigator.enabled = false — block camera/mic access when possible
security.insecure_connection_icon.enabled = true — show warning for HTTP
extensions.pocket.enabled = false — Pocket is owned by Mozilla now and tracks

Warning: Some of these settings will break functionality on certain sites. If something doesn't work, you can always temporarily flip the setting back. Consider using Firefox's Container extensions (like Multi-Account Containers) to isolate problematic sites.

Firefox Preferences (GUI Settings)

Let's also check the regular settings. Go to Firefox Preferences (or Options):

Privacy & Security

Enhanced Tracking Protection = Strict
Cookies = Delete cookies and site data when Firefox is closed
History = Use custom settings for history → check "Clear history when Firefox closes"
Address Bar = Uncheck everything except Search Suggestions (if you want those)

Search

Default Search Engine = DuckDuckGo, Startpage, or Brave Search
Uncheck "Show search suggestions"
Uncheck "Provide search suggestions"
Uncheck "Show trending suggestions"

Sync

If you use Firefox Sync, be aware that Mozilla stores your data encrypted, but they hold the keys. For maximum security, consider not using sync, or using a different method to sync bookmarks (like a self-hosted service).

Search Engine Matters

Your search engine sees everything you type. That's a lot of data. Choose wisely:

DuckDuckGo — Doesn't log your searches, blocks trackers. Good default.
Startpage — Google's results without Google tracking you. Uses anonymous view.
Brave Search — Independent index, no tracking, decent results.
SearXNG — Self-host your own meta-search engine. Ultimate privacy.

I use DuckDuckGo most of the time, but run my own SearXNG instance for sensitive searches.

Good Browser Habits

Settings and extensions only get you so far. The biggest security weakness is usually between the keyboard and the chair.

Use Separate Browser Profiles

Firefox lets you create multiple profiles. I have one for general browsing, one for work, one for anything sensitive. Each has different settings, extensions, and cookies. They don't share data. Go to about:profiles to manage them.

Use Containers

Firefox Multi-Account Containers extension lets you isolate sites. Have a "Shopping" container, a "Social" container, a "Banking" container. Cookies don't leak between them. It's like having multiple browsers in one.

Regularly Clear Data

Make it a habit to clear your browsing data regularly. Firefox has a keyboard shortcut: Ctrl+Shift+Delete. Set it to clear everything (cache, cookies, history, form data) for "All Time".

Check Before You Click

That link in an email? Hover over it first. Does it go where it claims? Watch for typos in domain names (paypaI.com instead of paypal.com). When in doubt, navigate manually to the site instead of clicking.

Keep It Updated

Browser updates aren't just about new features — they're often security patches. Enable automatic updates. Don't stick with old versions because "they work fine."

The Fingerprinting Problem

Even with all these settings, websites can still fingerprint you. They measure:

Your screen resolution and window size
Your installed fonts
Your browser extensions
Your hardware (CPU, GPU)
How your browser renders certain elements
Your timezone
Your language settings

When you combine all these data points, you become uniquely identifiable. That's why privacy.resistFingerprinting is so important — it normalizes these values.

To test your fingerprinting resistance, visit:

amiunique.org — See how unique your browser is
coveryourtracks.info — EFF's Panopticlick successor
browserleaks.com — Comprehensive leak testing

With all hardening enabled, you should see yourself as "unique" but with some protections in place. Being completely invisible is nearly impossible without Tor Browser, but making yourself "just another user" is achievable.

Mobile Firefox

Don't forget your phone. Mobile browsers have different capabilities, but you can still harden them:

Enhanced Tracking Protection = Strict
Block cookies = All third-party (or all)
Don't allow Firefox to access location
Use Firefox Focus for one-off browsing sessions
Disable WebRTC if possible (may require extensions or about:config)

On iOS, you're somewhat limited by Apple's restrictions, but Firefox on iOS does have content blocking support now.

What's Missing

This guide covers the practical stuff. There's always more:

Tor Browser — For maximum anonymity (separate guide)
Linux — Using a privacy-respecting OS under your browser
VPN/Proxy — Hide your IP (but choose carefully)
DNS over HTTPS — Encrypt your DNS queries

But even implementing half of what we've covered here puts you ahead of 90% of internet users. You don't need perfect privacy — you just need to be harder to track than the next person.

Take Back Your Browser

The internet wasn't built to track you. It was built to share information. Somewhere along the way, advertising got involved, tracking became ubiquitous, and we all got used to being monitored.

But it doesn't have to be that way.

Every setting you change, every tracker you block, every extension you add — that's a small victory. It's you saying: "I decide what I share."

Start with one change today. Install uBlock Origin. Change your search engine. Just start.

Your browser is your window to the internet. Make it a window you control.

The revolution will not be proprietary.

Browser Hardening