Being how things on the internet is these days security is needed!
When I worked on my version of K-Meleon db types browser it was for the
most part security. The internet has really changed in these last 10 years!
Back then the aim was mostly on getting speed out of the browser.
Now it's about security.
So with that here are the security settings I came up for K-Meleon db and
Firefox types. Always make a copy of your profile if you can.
This takes time but it is needed for the Firefox types.
As for the Chrome browser settings there is not a lot you can do.
There is a "chrome://flags" settings you can change but it is
not as useful as the Firefox settings.
https://beebom.com/chrome-flags-guide-to-enhance-web-browsing
To add a new setting to the Mozilla configuration, just type in "About:config"
Then when in there just right click & go to new,
then add what you want to add.
As in, add a new "boolean" & name it "nglayout.debug.disable_xul_cache"
Then put the value "true" that would be one setting done.
To change the value of a setting just click on it twice & change the value,
that is how it works.
Always search for the setting to see if it is there already.
If it is not in there put in the setting.
Remember:
"Integer is 1,2,3..."
"Boolean is True or False"
"String is Words etc!!!"
more info is at: http://kb.mozillazine.org/About:config
***Note if I update the settings the new update will be on the last
of the list. Also the three settings marked ~~!!!! is the settings that
has to be set stock for Twitter to work. The "dom.event.clipboardevents.enabled"
setting is a needed security setting so it's up to you on that!
***Note if I update the settings the new update will be on the last
of the list. Also the three settings marked ~~!!!! is the settings that
has to be set stock for Twitter to work. The "dom.event.clipboardevents.enabled"
setting is a needed security setting so it's up to you on that!
network.http.sendSecureXSiteReferrer
set to FALSE Or keep as TRUE for websites that use it like Twitter etc~~!!!!
network.http.sendRefererHeader
set to 0 Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
dom.event.clipboardevents.enabled
make a new Boolean named that and set it to FALSE
Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
Me I prefer FALSE as it is a big security thing to me!
svg.enabled
dom.event.clipboardevents.enabled
make a new Boolean named that and set it to FALSE
Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
Me I prefer FALSE as it is a big security thing to me!
svg.enabled
set to FALSE
Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
dom.indexedDB.enabled
Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
dom.indexedDB.enabled
set to FALSE
Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
gfx.downloadable_fonts.enabled
Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
gfx.downloadable_fonts.enabled
set to FALSE
Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
Or keep the setting as it is for websites that use it like Twitter etc~~!!!!
layout.css.visited_links_enabled
set to FALSE
beacon.enabled
set to FALSE
browser.send_pings
set to FALSE
browser.cache.memory.enable
set to FALSE
beacon.enabled
set to FALSE
browser.send_pings
set to FALSE
browser.cache.memory.enable
set to FALSE
browser.cache.disk_cache_ssl
set to FALSE If you have a issue logging in set to norm!
browser.cache.disk_cache_ssl
set to FALSE If you have a issue logging in set to norm!
network.prefetch-next
set to FALSE
network.dns.disableIPv6
set to TRUE
javascript.options.ion
FALSE
javascript.options.baselinejit
FALSE
javascript.options.asmjs
FALSE
dom.serviceWorkers.enabled
FALSE
dom.serviceWorkers.interception.enabled
FALSE
dom.push.enabled
FALSE
dom.push.connection.enabled
FALSE
javascript.options.baselinejit
FALSE
javascript.options.asmjs
FALSE
dom.serviceWorkers.enabled
FALSE
dom.serviceWorkers.interception.enabled
FALSE
dom.push.enabled
FALSE
dom.push.connection.enabled
FALSE
security.xpconnect.plugin.unrestricted
set to FALSE
network.protocol-handler.external
set all listed to FALSE
network.protocol-handler.warn-external
set all listed to TRUE
browser.frames.enabled
frames is a setting for old Firefox browsers
frames is a setting for old Firefox browsers
it may not be effective in new browsers. set to FALSE
geo.enabled
See note about spoof Geolocation
on bottom of page. set to FALSE or TRUE if spoofed!
See note about spoof Geolocation
on bottom of page. set to FALSE or TRUE if spoofed!
geo.wifi.logging.enabled
set to FALSE
geo.provider.network.url
Delete the address in it and save
dom.battery.enabled
set to FALSE
webgl.disabled
set to TRUE turns off WebGL
editor.use_css
set to FALSE
media.webm.enabled
set to FALSE
dom.disable_window_status_change
set to TRUE
dom.event.contextmenu.enabled
set to FALSE
services.sync.prefs.sync.dom.event.contextmenu.enabled
set to FALSE
dom.disable_image_src_set
set to TRUE
media.peerconnection.enabled
set to FALSE If you use video chat set to TRUE turns off WebRTC
If set to FALSE can set other setting to FALSE Might be buggy setting! (A)
set loop.enabled
set to FALSE (A)
services.sync.prefs.sync.dom.event.contextmenu.enabled
set to FALSE
dom.disable_image_src_set
set to TRUE
media.peerconnection.enabled
set to FALSE If you use video chat set to TRUE turns off WebRTC
If set to FALSE can set other setting to FALSE Might be buggy setting! (A)
set loop.enabled
set to FALSE (A)
browser.blink_allowed
set to FALSE
dom.disable_window_move_resize
set to TRUE
services.sync.prefs.sync.dom.disable_window_move_resize
set to TRUE
dom.allow_scripts_to_close_windows
set to FALSE
dom.disable_window_flip
set to TRUE
services.sync.prefs.sync.dom.disable_window_flip
set to TRUE
dom.storage.default_quota
set to 1000 If you are having a hard time with videos it's this setting.
This is a needed security setting for me!
This is a needed security setting for me!
network.websocket.max-message-size
set to 2000000 If you are having a hard time with videos it's this setting.
This is a needed security setting for me!
This is a needed security setting for me!
offline-apps.quota.max
2000 If you are having a hard time with videos it's this setting.
This is a needed security setting for me!
dom.storage.enabled
set to TRUE it's needed for some add ons to work and other settings here.
This is a needed security setting for me!
dom.storage.enabled
set to TRUE it's needed for some add ons to work and other settings here.
browser.chrome.favicons
set to FALSE
browser.cache.offline.enable
set it to FALSE
browser.sessionstore.max_tabs_undo
set to 0
browser.sessionstore.max_windows_undo
set to 0
browser.sessionstore.resume_from_crash
set to FALSE
network.dnsCacheEntries
make a new Integer named that and set it to 0
network.dns.disablePrefetch
Set it to TRUE
network.dns.disablePrefetchFromHTTPS
set to TRUE
network.dnsCacheExpiration
make a new Integer named that and set it to 0
media.ogg.enabled
set to FALSE
media.enforce_same_site_origin
set to TRUE
dom.popup_allowed_events
open that and delete all in the setting. It will Kill all pop-ups
a needed thing!
nglayout.debug.disable_xul_cache
make a new Boolean named that and set it to TRUEnglayout.debug.disable_xul_fastload
make a new Boolean named that and set it to TRUE
this might slowdown the load up time but is for security.
browser.uidensity
set to 1 makes the tab smaller.
network.websocket.enabled
set to FALSE
extensions.pocket.enabled
set to FALSE and drag the pocket icon off the browser bar.
media.eme.enabled
set to FALSE
services.sync.prefs.sync-seen.media.eme.enabled
set to FALSE
services.sync.prefs.sync.media.eme.enabled
set to FALSE
media.gmp-eme-adobe.enabled
set to FALSE
browser.safebrowsing.enabled
set to FALSE or TRUE it does communicates with a third party,
Google by default, and also sends them metadata about your downloads. (A)
browser.safebrowsing.downloads.enabled
set to FALSE or TRUE (A)
browser.safebrowsing.malware.enabled
set to FALSE or TRUE (A)
services.sync.prefs.sync.browser.safebrowsing.malware.enabled
set to FALSE or TRUE (A)
privacy.trackingprotection.enabled
set to FALSE or TRUE (A)
device.sensors.enabled
set to FALSE
camera.control.face_detection.enabled
set to FALSE
camera.control.autofocus_moving_callback.enabled
set to FALSE
network.http.speculative-parallel-limit
set to 0 stops arbitrary links on a page by the simple act of
hovering over them, without your explicit permission.toolkit.telemetry.enabled
set to FALSE turns off telemetry, this setting might be locked
notable to change it so just go with the other settings. (A)
datareporting.healthreport.service.enabled
set to FALSE (A)
datareporting.healthreport.uploadEnabled
set to FALSE (A)
datareporting.policy.dataSubmissionEnabled
set to FALSE (A)
datareporting.sessions.current.clean
set to TRUE (A) set to TRUE!
devtools.onboarding.telemetry.logged
set to FALSE (A)
toolkit.telemetry.updatePing.enabled
set to FALSE (A)
browser.newtabpage.activity-stream.feeds.telemetry
set to FALSE (A)
browser.newtabpage.activity-stream.telemetry
set to FALSE (A)
browser.ping-centre.telemetry
set to FALSE (A)
toolkit.telemetry.bhrPing.enabled
set to FALSE (A)
toolkit.telemetry.firstShutdownPing.enabled
set to FALSE (A)
toolkit.telemetry.hybridContent.enabled
set to FALSE (A)
toolkit.telemetry.newProfilePing.enabled
set to FALSE (A)
toolkit.telemetry.reportingpolicy.firstRun
set to FALSE (A)
toolkit.telemetry.shutdownPingSender.enabled
set to FALSE (A)
toolkit.telemetry.unified
set to FALSE (A)
toolkit.telemetry.updatePing.enabled
set to FALSE (A)
toolkit.telemetry.archive.enabled
set to FALSE (A)
toolkit.telemetry.server
delete everything in it (A)
toolkit.telemetry.ecosystemtelemetry.enabled
set to FALSE (A)
toolkit.telemetry.shutdownPingSender.enabledFirstSession
set to FALSE (A)
browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint
Delete the address in it and save (A)
browser.newtabpage.activity-stream.telemetry.structuredIngestion
set to FALSE (A)
browser.newtabpage.activity-stream.telemetry.ping.endpoint
set to FALSE (A)
browser.newtabpage.activity-stream.telemetry.ut.events
set to FALSE (A)
browser.urlbar.eventTelemetry.enabled
set to FALSE (A)
media.wmf.deblacklisting-for-telemetry-in-gpu-process
set to FALSE (A)
permissions.eventTelemetry.enabled
set to FALSE (A)
security.certerrors.recordEventTelemetry
set to FALSE (A)
security.identitypopup.recordEventTelemetry
set to FALSE (A)
security.ssl.errorReporting.url
set to FALSE (A)
services.sync.telemetry.maxPayloadCount
set to 0 (A)
services.sync.telemetry.submissionInterval
set to 0 (A)
telemetry.origin_telemetry_test_mode.enabled
set to FALSE
***That is it! I hope it keeps you safe.
Other that that are some addons that are needed in Firefox!
As a start a "Locked Profile" is when most of the files in the profile is set to
"Hidden, Archive, Read-Only." All but "cert8.db and key3.db"
they need to be set to "Hidden, Archive." Also the "webappsstore.sqlite"
needs to be opened in WordPad & all deleted, then type in "Privacy Program"
& save, then set it to "Hidden, Archive, Read-Only."
As a start a "Locked Profile" is when most of the files in the profile is set to
"Hidden, Archive, Read-Only." All but "cert8.db and key3.db"
they need to be set to "Hidden, Archive." Also the "webappsstore.sqlite"
needs to be opened in WordPad & all deleted, then type in "Privacy Program"
& save, then set it to "Hidden, Archive, Read-Only."
Also after doing that I would copy the "webappsstore.sqlite"
three times and
open them in WordPad & delete everything and leave it blank
re-name the files "cookies.sqlite-journal" "cookies.sqlite" and
"cookies.sqlite.bak" also make sure its set to "Hidden, Archive, Read-Only."
Your cookie files are now Read-only with no info in them!
open them in WordPad & delete everything and leave it blank
re-name the files "cookies.sqlite-journal" "cookies.sqlite" and
"cookies.sqlite.bak" also make sure its set to "Hidden, Archive, Read-Only."
Your cookie files are now Read-only with no info in them!
With a locked profile these files will pop up when you get around.
"prefs-1.js---localstore-1.rdf"---"NoScriptSTS.db.tmp."
if you have "NoScript." Or others!
So that is where you need that old program CookieMuncher that deletes those
files as they get on your PC. It is zipped in the FFILESyou can download at:
https://www.dropbox.com/s/vwp31zb4ufmsbx8/KMFILES-NEW.zip?dl=0
More info about a "Locked Profile" is at:
https://walmartramen.blogspot.com/2020/03/browser-locked-profile.html
After you set what files to delete you will have to go find the "cookiem" file & the
"CookieMuncher.exe"
Re-name the "CookieMuncher.exe" file &
keep the "cookiem" name and set everything to "Hidden, Archive, Read-Only."
with a short cut to the "CookieMuncher.exe" file so you can turn it on and off.
Don't forget to rename the Firefox.exe in the Firefox program files and
make a shortcut to your desktop etc.
Then set the Firefox program file, all files to "Hidden, Archive, Read-Only."
Don't forget to rename the Firefox.exe in the Firefox program files and
make a shortcut to your desktop etc.
Then set the Firefox program file, all files to "Hidden, Archive, Read-Only."
***You will get the hang of it.
Just for FYI have you tried typing in:
about:mozilla
about:robots
chrome://browser/content/browser.xul
Others at:
***There are some Chrome Extensions that are useful!
I need to note that many ad-blockers or other security extensions has
conflicts with "Scriptsafe" So for a ad-blocker I would just use
adblock for youtube as it works with no issues!
https://chrome.google.com/webstore/detail/history-eraser/gjieilkfnnjoihjjonajndjldjoagffm?utm_source=chrome-app-launcher-info-dialog
https://chrome.google.com/webstore/detail/disable-html/lfhjgihpknekohffabeddfkmoiklonhm?utm_source=chrome-app-launcher-info-dialog
You can spoof Geolocation in Firefox. Sometimes you will note that when
Geolocation
turned off,
and when you test it, it still shows up as on!
So the best way to fix it is to spoof it!
In about:config look for "geo.wifi.uri" then
put in: