Guide to the Secure Configuration of Firefox
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Firefox feedback reporting must be disabled.
Feedback reporting feature may be disabled via administrative policy by setting <code>DisableFeedbackCommands</code> under <code>policies</code> to...Rule Medium Severity -
Enabled Firefox Fingerprinting Protection
Fingerprinting protection may be enabled by setting <code>Fingerprinting</code> to <code>true</code> under <code>EnableTrackingProtection</code> in...Rule Medium Severity -
Firefox must prevent the user from quickly deleting data.
The update check may be disabled in an administrative policy by setting the <code>DisableForgetButton</code> key under <code>policies</code> to <co...Rule Medium Severity -
Disable JavaScript's Raise Or Lower Windows Capability
JavaScript can configure and make changes to the web browser's appearance by specifically raising and lowering windows. This can be disabled by set...Rule Medium Severity -
The Firefox New Tab page must not show Top Sites, Sponsored Top sites, Pocket Recommendations, Sponsored Pocket Stories, Searches, Highlights, or Snippets.
Display of top sites may be disabled in an administrative policy by setting the following items under <code>FirefoxHome</code> to <code>false</code...Rule Medium Severity -
Firefox must be configured to not use a password store with or without a master password.
The update check may be disabled in an administrative policy by setting the <code>PasswordManager</code> key under <code>policies</code> to <code>f...Rule Medium Severity -
Enable Firefox Pop-up Blocker
The pop-up blocker can be enabled by setting <code>Default</code> key under <code>PopupBlocking</code> to <code>true</code> in <code>policies.json<...Rule Medium Severity -
Firefox private browsing must be disabled.
Private browsing may be disabled in an administrative policy by setting the <code>DisablePrivateBrowsing</code> key under <code>policies</code> to ...Rule Medium Severity -
Firefox search suggestions must be disabled.
Search Suggestions may be disabled in an administrative policy by setting the <code>SearchSuggestEnabled</code> key under <code>policies</code> to ...Rule Medium Severity -
Disable Installed Search Plugins Update Checking
Firefox automatically checks for updated versions of search plugins. To disable the automatic updates of plugins, set value of <code>browser.search...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.