Firefox profile setup for Windows 10/11
and for linux

• Get 64-bit version here: https://www.mozilla.org/en-US/firefox/developer/
• Install without “maintenance service” (automatic updates)
• Launch Firefox. Sign in to your Firefox Account.
• Profile will be created. Visible with about:profiles

If you install from store, the profile is at c:\Users\TPyyhtia\AppData\Local\Packages\31856maltejur.LibreWolf_ssmwz6s360tct\LocalCache\Roaming\librewolf\Profiles\xkroxlaa.default-default\

Install Sidebery for vertical tabs.

Create userChrome.css at %APPDATA%\Mozilla\Firefox\Profiles\...\chrome\

Edit [2025-02-07 Fri]: Windows Store sandboxed Librewolf, the path for userChrome.css is:

c:\Users\TPyyhtia\AppData\Local\Packages\31856maltejur.LibreWolf_ssmwz6s360tct\LocalCache\Roaming\librewolf\Profiles\xkroxlaa.default-default\chrome\

Then edit it to contain:

/* After Firefox 69 for userChrome.css to work, about:config toolkit.legacyUserProfileCustomizations.stylesheets --> True
https://github.com/mbnuqw/sidebery/wiki/Firefox-Styles-Snippets-(via-userChrome.css)*/

/* hide titlebar: https://www.reddit.com/r/FirefoxCSS/comments/f9hnt3/how_to_disable_or_hide_the_title_barminimizeclose/*/
#titlebar {
visibility: collapse !important;
}

/* hides the native tabs, needed in addition to 'hide titlebar:' after Firefox 133 to hide top bar tabs and titlebar */
#TabsToolbar {
  visibility: collapse;
}

/* Hide back/forward buttons: https://www.reddit.com/r/FirefoxCSS/comments/8nogqc/can_i_hide_backforward_buttons_next_to_the/ */
#forward-button, #back-button {
display: none !important;
}

/* remove 'Tree Style Tab' header from sidebar
https://www.reddit.com/r/firefox/comments/72kt5x/tree_style_tab_its_finally_here/*/
#sidebar-header {
  display: none;
}

Do rest of the Sidebery UI-changes in its options, compare values from old setup if need be:

Configure panel - Settings - Menu - Navigation bar - Layout:hidden
Configure panel - Settings - Menu - Navigation bar - Hide empty tabs panel:off
Configure panel - Settings - Menu - Navigation bar - Recently closed tabs sub panel:off
Configure panel - Settings - Menu - Navigation bar - Bookmarks sub panel:off
Configure panel - Settings - Menu - Navigation bar - History sub panel:off
Configure panel - Settings - Menu - Navigation bar - Tabs - Show close button: off
Configure panel - Settings - Menu - Navigation bar - Tabs - Show new tab button: off
Configure panel - Settings - Menu - Navigation bar - Appearance - Animations:off

uBlock Origin

1. Enable and update all built-in filter lists except for Regions and Languages.
2. Under Trusted Sites add your local IP range (e.g. 10.0.0.0/24) and local hostnames if you run any local web servers (e.g. https://my-home-server.local).
3. Enable Cloud Storage (if you use Firefox Sync) and upload your config tabs.

Disable annoying Google “Before you continue…” cookie popup GDPR-popup by defining under “My Filters”:

 ||consent.google.com^
 google.*##+js(aeld, DOMContentLoaded, CONSENT)

! 5/10/2020 https://blogi.nordnet.fi
blogi.nordnet.fi##.c-1.a-5.g-dyn > .gofollow > div > [src="about:blank"]

! 2020-12-24 https://mtgstocks.com
||mtgstocks.com/assets/images/cardconduit-1.png$image

! 2021-03-04 https://deckstats.net
||deckstats.net/img/bl_square.png$image

Note: May cause site breakage.

Also take ublock origin medium level to use, as noted here.

Awesome RSS
Puts the RSS-icon back at the end of the address bar.

Gesturefy
Enables mouse gestures. Compare setup values from old computer if need be.

URL in title
So that KeepassXC is usable. Not sure if this is needed if I install the KeepassXC browser extension. Edit: it is, as extension gives me the necessary granulanity to match auto-type, and I’ve already defined the entries in its database using this.

Wayback Machine
Archive web pages.

Save Page WE
Save a complete web page (as currently displayed) as a single HTML file

Consent-O-Matic
Automatic handling of GDPR consent forms.

GhostText
Use text editor to write in your browser.

Link Cleaner+
Clean URLs before opening a link.

Font Fingerprint Defender
Feed fake font value to avoid font fingerprinting.

Violentmonkey.

Undo Close Tab
Not needed as handled by Sidebery.

Skip Redirect
Extracts the final url from the intermediary url and goes there straight away if successful.

Tab Mix - Links
Not needed as Sidebery installed.

Terms of Service; Didn’t Read
Not needed as Consent-O-Matic handles this.

Don’t track me Google
Removes the annoying link-conversion at Google Search.
Uninstalled as the default search engine is duckduckgo where this is not needed.

Select After Closing Current
Configure which tab to select after closing the current tab.
Not needed as this functionality is pretty sane by default.

Searchonymous2
Search anonymously on Google while staying logged in on services such as Youtube, Gmail, etc.
Not needed anymore as not using google login anymore (Gmail, Youtube etc.)

Neat URL
Remove garbage from URLs.
Not needed as functionality is duplicate with Link Cleaner+.

Cookie AutoDelete:
Deletes cookies on browsing closing, except those whitelisted. This limits tracking. Not needed.

I don’t care about cookies
Disabled as fanboy’s easylist cookie list can already block these cookie popups. And easylist cookie list is already included in its Fanboy’s Annoyance List, which in turn is included in oisd.nl list. Also, Firefox may start to reject these cookie banners automatically. Until then, consider using Consent-O-Matic.

CanvasBlocker
Disabled as broke websites and not needed with LibreWolf which already has this built in.

Google search link fix
This was never working, now unmaintained.) Replaced by Don’t track me Google.

MySessions
Not needed, Firefox handles sessions now.

Don’t touch my tabs! (rel=noopener)
Not needed, as integrated into Firefox now.

Zen Fox (Good theme for eye, but makes my browser look more weird than it already is, not needed)

HTTPS Everywhere
Not needed anymore as obsoleted by browser’s native HTTPS-only Mode. Decentraleyes
No longer useful as Firefox’s Strict Tracking Protection has been enabled.

Save To The Wayback Machine
Addon support will be disabled on January 1st 2023. Recommended replacement is the official Wayback Machine addon.

Rest of the UI-tweaks can be done in about:config.

When using the address bar, don’t suggest open tabs, or search history:
browser.urlbar.suggest.openpage = False
browser.urlbar.suggest.history = False

To disable “Allow Firefox to make personalized extension recommendations”:
extensions.htmlaboutaddons.recommendations.enabled = false

To disable recommended extensions:
browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features = false

For more info, see: Disable Recommended Extensions in Mozilla Firefox. Show max amount of entries in urlbar I can fit to screen:
browser.urlbar.maxRichResults = 29

Show always https in url bar:
browser.urlbar.trimURLs = False

Disable Firefox from showing “Frequent” sites when right clicking the task bar firefox icon:
browser.taskbar.lists.frequent.enabled = False

Startpage of browser:
browser.startup.homepage = about:newtab

Remove url-bar “This time, search with”:
browser.urlbar.oneOffSearches = False Setting deprecated. Instead, go to about:preferences#search and Search Suggestions: untick/remove every search engine then in about:config set:
browser.urlbar.scotchBonnet.enableOverride = False

Toggle between two tabs:
browser.ctrlTab.sortByRecentlyUsed = True

Prevent hyperlinks from hijacking previous tab:
dom.targetBlankNoOpener.enabled = True

By default, LibreWolf deletes your browsing and download history on shutdown. Override this behavior:
privacy.clearOnShutdown.history = false

Do not close window when closing last tab:
browser.tabs.closeWindowWithLastTab = False

Disable media autoplay so that e.g. youtube videos don’t autoplay to next:
media.autoplay.blocking_policy = 2

Enable letterboxing.
privacy.resistFingerprinting.letterboxing = True

Disable OCSP enforcement. Otherwise I get SEC_ERROR_OCSP_SERVER_ERROR. Reasoning in LibreWolf FAQ.
security.OCSP.require = False

Enable GlobalConnect VPN to connect. Otherwise I get SSL_ERROR_UNSAFE_NEGOTIATION.
security.ssl.treat_unsafe_negotiation_as_broken = False
security.ssl.require_safe_negotiation = False

Restore previous session’s tabs after restarting browser
browser.sessionstore.resume_session_once = True

Disable “Your browser is being managed by your organization” to keep up with latest critical updates.
DisableAppUpdate = False

Alternatively:

1. win-r: Regedit
2. HKEY_LOCAL_MACHINE\Software\Policies\Mozilla\Firefox
3. Change DisableAppUpdate (DWORD 32-bit value)
4. To Decimal value 0

For more info, see: ghacks.net: Mozilla makes it more difficult to block Firefox updates

Disable “Use a background service to install updates”.
app.update.service.enabled = False

Turn off Firefox address bar auto-selection on focus when doing alt-tab.
browser.urlbar.clickSelectsAll = False Setting deprecated.

To fasten browsing on top alexa200 sites and to disable suggested tiles.
privacy.trackingprotection.enabled = True

Enable GPU acceleration.
See: Firefox tuning for moreinformation. layers.acceleration.force-enabled = True

Disable browser’s inline pdf viewer, and download the document instead.
pdfjs.disabled = True

So that links don’t open to new tab
browser.link.open_newwindow = 1

Make sure links from external applications open to new tabs
browser.link.open_newwindow.override.external = 3

Force a link to open in a non-active tab, instead of changing to that tab
browser.tabs.loadDivertedInBackground = True Note: Leave this false for now, as this breaks opening links in Jira from issue’s linked tasks (opens two tabs in background). This is because JRACLOUD-78419.

Open bookmarks to new tabs As per the instructions here.
browser.tabs.loadBookmarksInTabs = True

Disable so that firefox does not constantly remind on saving passwords on logins
signon.rememberSignons = False

Disable pocket
extensions.pocket.enabled = False

To disable DNS Over HTTPS
https://www.zdnet.com/article/how-to-enable-dns-over-https-doh-in-firefox/ network.trr.mode = 5 Edit: Left to default 0 now

Enable ESNI to prevent attackers from learning browsing history
network.security.esni.enabled = True Setting deprecated. To be replaced by ECH, Encrypted Client Hello:

network.dns.echconfig.enabled = True network.dns.use_https_rr_as_altsvc = True

GPU based rendering:
See Mozilla Gfx Team Blog for more info. gfx.webrender.all = True

Prefetch links also under https. See: How to stop Firefox from making automatic connections
network.dns.disablePrefetchFromHTTPS = False

Disable HTML5 video fullscreen transition fade animation (to speedup FF)
full-screen-api.transition-duration.leave = 0

Enable OffscreenCanvas, potential performance boost
See: Improved Performance with OffscreenCanvas. gfx.offscreencanvas.enabled = True

Enable userChrome.css changes to take effect
toolkit.legacyUserProfileCustomizations.stylesheets = True

Disable “You must log in to this network before you can access the Internet”
network.captive-portal-service.enabled = False

For Tridactyl to be able to capture key presses before pages has loaded
browser.sessionstore.restore_tabs_lazily = False

Enable AVIF picture support. For more info, see AVIF browser test page.
image.avif.enabled = True

Disable embedded JavaScript in built-in PDF viewer. For more info, see this article.
pdfjs.enableScripting = False

Disable proton UI introduced in FF 89
browser.proton.enabled = false

Disable Accessibility Service As per Mozilla’s accessibility services
accessibility.force_disabled = 1

Disable download button animations
browser.download.animateNotifications = False

Disable security dialog delay
security.dialog_enable_delay = 0

Disable WebRTC
media.peerconnection.enabled = False

Note: May break some web based audio and video services.

Stop webpages known which part of the page had been selected
dom.event.clipboardevents.enabled = False. Also see this for more info.

Enable experimental fingerprinting protection
privacy.resistFingerprinting = True. For more info see this.

Enable Query Parameter Stripping also in private tabs smooth scrolling
general.smoothScroll.currentVelocityWeighting: 0 general.smoothScroll.mouseWheel.durationMaxMS: 250 general.smoothScroll.stopDecelerationWeighting; 0.82 mousewheel.min_line_scroll_amount: 25 general.smoothScroll.msdPhysics.enabled

For normal browsing
privacy.query_stripping.enabled = True

For private browsing
privacy.query_stripping.enabled.pbmode = True

Disable monitoring of add-ons, as per this article.
extensions.quarantinedDomains.enabled = false

Firefox in corporate environment is controlled by group policies. Most important setting is:

WindowsSSO = True

Otherwise you will get error when trying to open in browser corporate documents for editing. Enable the setting in settings.

Disable Shockwave Flash, Shockwave Director, Silverlight plugin and Java Deployment Toolkit, and Java Platform SE 8 (Never Activate). Also Microsoft Office 2013 (but you may experience issues with Firefox not triggering Microsoft SharePoint.

Enable experimental features.
browser.preferences.experimental = true

Experimental features are then accessible at about:preferences#experimental

• Enable Enhanced Tracking Protection in Strict mode (already on by default in LibreWolf).

• Template mentioned here.
• Do this after new installation.
• Consider just using Firefox with arkenfox.ja or plain LibreWolf over on your own maintained about:config because of fingerprinting.

Right click on toolbar and uncheck the “bookmarks toolbar”

As per this and this.

about:config, set:

webgl.force-enabled to true
layers.acceleration.force-enabled to true
gfx.direct2d.force-enabled to true

Test with e.g. with first-person Tetris.

For example Minimal floating scrollbars, but none implemented yet.

For Violentmonkey. No scripts yet.

• Under browser’s Proxy settings, select Manual Proxy configuration. For the SOCKS Host, use 10.64.0.1 port 1080, and select SOCKS v5 as your protocol. With Firefox, select Proxy DNS when using Socks v5 to use Mullvad’s DNS server. Also in Firefox, make absolutely sure you disable Enable DNS over HTTPS, or you’ll be scratching your head on why you don’t seem to be able to connect to the internet.

Edit: This breaks access to my local 10.0.0.0/24 network. Disabled for now.

Addons to try