Guide to the Secure Configuration of Firefox
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Firefox must be configured to allow only TLS 1.2 or above.
Firefox may be configured via administrative policy to allow TLS 1.2 at minimum by settingSSLVersionMintotls1.2.Rule Medium Severity -
Firefox accounts must be disabled.
Firefox accounts feature may be disabled via administrative policy by setting <code>DisableFirefoxAccounts</code> under <code>policies</code> to <c...Rule Medium Severity -
Disable Firefox Telemetry
Telemetry can be disabled by settingtoolkit.telemetry.enabledtofalse.Rule Medium Severity -
Firefox must not recommend extensions as the user is using the browser.
The extension recommendation messages may be disabled in an administrative policy by setting the <code>ExtensionRecommendations</code> key under <c...Rule Medium Severity -
Enable Certificate Verification
Firefox can be configured to prompt the user to choose a certificate to present to a website when asked. To enable certificate verification, set <c...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules