Skip to content
Log In

Guide to the Secure Configuration of Firefox

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Disable Firefox Pocket

    Pocket may be disabled by setting DisablePocket to true in the policies file.
    Rule Medium Severity
    Show

  • Disable Firefox Studies

    Pocket may be disabled by setting DisableFirefoxStudies to true in the policies file.
    Rule Medium Severity
    Show

  • Firefox must be configured to not delete data upon shutdown.

    The default certificate to present may be configured by setting multiple options under SanitizeOnShutdown key.
    • Cache = false
    Rule Medium Severity
    Show

  • Firefox must be configured so that DNS over HTTPS is disabled.

    DNS over HTTPS feature may be disabled via administrative policy by setting Enabled under DNSOverHTTPS to false.
    Rule Medium Severity
    Show

  • Enabled Firefox Enhanced Tracking Protection

    Enhanced Tracking Protection may be enabled by setting browser.contentblocking.category to strict.
    Rule Medium Severity
    Show

  • Disabled Firefox Extension Recommendations

    Extension recommendations may be disabled by setting extensions.htmlaboutaddons.recommendations.enabled to false in the policy file.
    Rule Medium Severity
    Show

  • Firefox must be configured to not automatically update installed add-ons and plugins.

    Firefox has a feature to permit installed add-ons and plugins to automatically update. The check may be disabled in an administrative policy by setting the <code>ExtensionUpdate</code> key under <c...
    Rule Medium Severity
    Show

  • Firefox feedback reporting must be disabled.

    Feedback reporting feature may be disabled via administrative policy by setting DisableFeedbackCommands under policies to true.
    Rule Medium Severity
    Show

  • Enabled Firefox Fingerprinting Protection

    Fingerprinting protection may be enabled by setting Fingerprinting to true under EnableTrackingProtection in the policies file.
    Rule Medium Severity
    Show

  • Firefox must prevent the user from quickly deleting data.

    The update check may be disabled in an administrative policy by setting the DisableForgetButton key under policies to true.
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules