Firefox profile setup for Windows 10/11
and for linux

Install Sidebery for vertical tabs.

Create userChrome.css at %APPDATA%\Mozilla\Firefox\Profiles\...\chrome\ with content:

/* After Firefox 69 for userChrome.css to work, about:config toolkit.legacyUserProfileCustomizations.stylesheets --> True
https://github.com/mbnuqw/sidebery/wiki/Firefox-Styles-Snippets-(via-userChrome.css)*/

/* hide titlebar: https://www.reddit.com/r/FirefoxCSS/comments/f9hnt3/how_to_disable_or_hide_the_title_barminimizeclose/ */
#titlebar {
visibility: collapse !important;
}

/* Hide back/forward buttons: https://www.reddit.com/r/FirefoxCSS/comments/8nogqc/can_i_hide_backforward_buttons_next_to_the/ */
#forward-button, #back-button {
display: none !important;
}

/* remove 'Tree Style Tab' header from sidebar
https://www.reddit.com/r/firefox/comments/72kt5x/tree_style_tab_its_finally_here/*/
#sidebar-header {
  display: none;
}

Do rest of the Sidebery UI-changes in its options.

Rest of the UI-tweaks can be done in about:config.

When using the address bar, don’t suggest open tabs, or search history:
browser.urlbar.suggest.openpage = False
browser.urlbar.suggest.history = False

To disable “Allow Firefox to make personalized extension recommendations”:
extensions.htmlaboutaddons.recommendations.enabled = false

To disable recommended extensions:
browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features = false

For more info, see: Disable Recommended Extensions in Mozilla Firefox. Show max amount of entries in urlbar I can fit to screen:
browser.urlbar.maxRichResults = 29

Show always https in url bar:
browser.urlbar.trimURLs = False

Disable Firefox from showing “Frequent” sites when right clicking the task bar firefox icon:
browser.taskbar.lists.frequent.enabled = False

Startpage of browser:
browser.startup.homepage = about:newtab

Remove url-bar “This time, search with”:
browser.urlbar.oneOffSearches = False Setting deprecated. Instead, go to about:preferences#search and Search Suggestions: untick/remove every search engine.

Toggle between two tabs:
browser.ctrlTab.sortByRecentlyUsed = True

Prevent hyperlinks from hijacking previous tab:
dom.targetBlankNoOpener.enabled = True

By default, LibreWolf deletes your browsing and download history on shutdown. Override this behavior:
privacy.clearOnShutdown.history = false

Do not close window when closing last tab:
browser.tabs.closeWindowWithLastTab = False

Disable media autoplay so that e.g. youtube videos don’t autoplay to next:
media.autoplay.blocking_policy = 2

uBlock Origin

1. Enable and update all built-in filter lists except for Regions and Languages.
2. Under Trusted Sites add your local IP range (e.g. 10.0.0.0/24) and local hostnames if you run any local web servers (e.g. https://my-home-server.local).
3. Enable Cloud Storage (if you use Firefox Sync) and upload your config tabs.

Disable annoying Google “Before you continue…” cookie popup GDPR-popup by defining under “My Filters”:

 ||consent.google.com^
 google.*##+js(aeld, DOMContentLoaded, CONSENT)

! 5/10/2020 https://blogi.nordnet.fi
blogi.nordnet.fi##.c-1.a-5.g-dyn > .gofollow > div > [src="about:blank"]

! 2020-12-24 https://mtgstocks.com
||mtgstocks.com/assets/images/cardconduit-1.png$image

! 2021-03-04 https://deckstats.net
||deckstats.net/img/bl_square.png$image

Note: May cause site breakage.

Also take ublock origin medium level to use, as noted here.

Awesome RSS
Puts the RSS-icon back at the end of the address bar.

Gesturefy
Enables mouse gestures.

URL in title
So that KeepassXC is usable. Not sure if this is needed if I install the KeepassXC browser extension. Edit: it is, as extension gives me the necessary granulanity to match auto-type, and I’ve already defined the entries in its database using this.

Wayback Machine
Archive web pages.

Save Page WE
Save a complete web page (as currently displayed) as a single HTML file

Consent-O-Matic
Automatic handling of GDPR consent forms.

GhostText
Use text editor to write in your browser.

Link Cleaner+
Clean URLs before opening a link.

Enable letterboxing.
privacy.resistFingerprinting.letterboxing = True

Disable OCSP enforcement. Otherwise I get SEC_ERROR_OCSP_SERVER_ERROR. Reasoning in LibreWolf FAQ.
security.OCSP.require = False

Enable GlobalConnect VPN to connect. Otherwise I get SSL_ERROR_UNSAFE_NEGOTIATION.
security.ssl.treat_unsafe_negotiation_as_broken = False
security.ssl.require_safe_negotiation = False

Rest of the addons are installed after signing in to Firefox accounts, but they must be configured. Most of the addons are privacy and usability related.

Tridactyl :usability: …or Vim Vixen (both may break site compatibility, experiment more), Or Vimium-C, OR Surfing Keys. Check this reddit thread for more. To be able to use C-f again to search for things, use :unbind <C-f>

Violentmonkey.

Undo Close Tab
Not needed as handled by Sidebery.

Skip Redirect
Extracts the final url from the intermediary url and goes there straight away if successful.

Tab Mix - Links
Not needed as Sidebery installed.

Terms of Service; Didn’t Read
Not needed as Consent-O-Matic handles this.

Don’t track me Google
Removes the annoying link-conversion at Google Search.
Uninstalled as the default search engine is duckduckgo where this is not needed.

Select After Closing Current
Configure which tab to select after closing the current tab.
Not needed as this functionality is pretty sane by default.

Searchonymous2
Search anonymously on Google while staying logged in on services such as Youtube, Gmail, etc.
Not needed anymore as not using google login anymore (Gmail, Youtube etc.)

Neat URL
Remove garbage from URLs.
Not needed as functionality is duplicate with Link Cleaner+.

Cookie AutoDelete:
Deletes cookies on browsing closing, except those whitelisted. This limits tracking. Not needed.

I don’t care about cookies
Disabled as fanboy’s easylist cookie list can already block these cookie popups. And easylist cookie list is already included in its Fanboy’s Annoyance List, which in turn is included in oisd.nl list. Also, Firefox may start to reject these cookie banners automatically. Until then, consider using Consent-O-Matic.

CanvasBlocker
Disabled as broke websites and not needed with LibreWolf which already has this built in.

Google search link fix
This was never working, now unmaintained.) Replaced by Don’t track me Google.

MySessions
Not needed, Firefox handles sessions now.

Don’t touch my tabs! (rel=noopener)
Not needed, as integrated into Firefox now.

Zen Fox (Good theme for eye, but makes my browser look more weird than it already is, not needed)

HTTPS Everywhere
Not needed anymore as obsoleted by browser’s native HTTPS-only Mode. Decentraleyes
No longer useful as Firefox’s Strict Tracking Protection has been enabled.

Save To The Wayback Machine
Addon support will be disabled on January 1st 2023. Recommended replacement is the official Wayback Machine addon.

Disable Shockwave Flash, Shockwave Director, Silverlight plugin and Java Deployment Toolkit, and Java Platform SE 8 (Never Activate). Also Microsoft Office 2013 (but you may experience issues with Firefox not triggering Microsoft SharePoint.

Restore previous session’s tabs after restarting browser

browser.sessionstore.resume_session_once = True
Disable “Your browser is being managed by your organization” to keep up with latest critical updates.

DisableAppUpdate = False

Alternatively:

1. win-r: Regedit
2. HKEY_LOCAL_MACHINE\Software\Policies\Mozilla\Firefox
3. Change DisableAppUpdate (DWORD 32-bit value)
4. To Decimal value 0

For more info, see: ghacks.net: Mozilla makes it more difficult to block Firefox updates

Disable “Use a background service to install updates”.
app.update.service.enabled = False

Turn off Firefox address bar auto-selection on focus when doing alt-tab.
browser.urlbar.clickSelectsAll = False Setting deprecated.

To fasten browsing on top alexa200 sites and to disable suggested tiles.
privacy.trackingprotection.enabled = True

Enable GPU acceleration.
See: Firefox tuning for moreinformation. layers.acceleration.force-enabled = True

Disable browser’s inline pdf viewer, and download the document instead.
pdfjs.disabled = True

So that links don’t open to new tab
browser.link.open_newwindow = 1

Make sure links from external applications open to new tabs
browser.link.open_newwindow.override.external = 3

Force a link to open in a non-active tab, instead of changing to that tab
browser.tabs.loadDivertedInBackground = True Note: Leave this false for now, as this breaks opening links in Jira from issue’s linked tasks (opens two tabs in background). This is because JRACLOUD-78419.

Open bookmarks to new tabs As per the instructions here.
browser.tabs.loadBookmarksInTabs = True

Disable so that firefox does not constantly remind on saving passwords on logins :usability: signon.rememberSignons = False

Disable pocket :security: extensions.pocket.enabled = False

To disable DNS Over HTTPS :security: https://www.zdnet.com/article/how-to-enable-dns-over-https-doh-in-firefox/ network.trr.mode = 5 Edit: Left to default 0 now

Enable ESNI to prevent attackers from learning browsing history :security:

network.security.esni.enabled = True Setting deprecated. To be replaced by ECH, Encrypted Client Hello:

network.dns.echconfig.enabled = True network.dns.use_https_rr_as_altsvc = True

GPU based rendering :performance: See: Mozilla Gfx Team Blog for more info. gfx.webrender.all = True

Prefetch links also under https :performance: See: How to stop Firefox from making automatic connections:

network.dns.disablePrefetchFromHTTPS = False Disable HTML5 video fullscreen transition fade animation (to speedup ff): :perfromance:

full-screen-api.transition-duration.leave = 0 Enable OffscreenCanvas, potential performance boost :performance: See: Improved Performance with OffscreenCanvas.

gfx.offscreencanvas.enabled = True Enable userChrome.css changes to take effect :usability:

toolkit.legacyUserProfileCustomizations.stylesheets = True Disable “You must log in to this network before you can access the Internet” :usability: network.captive-portal-service.enabled = False For Tridactyl to be able to capture key presses before pages has loaded :usability: browser.sessionstore.restore_tabs_lazily = False

Disable automatic address list drop down on address bar focus :usability: browser.urlbar.suggest.topsites = False This will also disable Top Sites at about:preferences

Enable AVIF picture support :performance: For more info, see AVIF browser test page. image.avif.enabled = True

Disable embedded JavaScript in built-in PDF viewer :security: For more info, see this article.

pdfjs.enableScripting = False

Disable proton UI introduced in FF 89 :usability: browser.proton.enabled = false

Disable Accessibility Service :performance: As per Mozilla’s accessibility services accessibility.force_disabled = 1

Disable download button animations :performance: browser.download.animateNotifications = False

Disable security dialog delay :performance: security.dialog_enable_delay = 0

Disable WebRTC :security: media.peerconnection.enabled = False

Note: May break some web based audio and video services.

Stop webpages known which part of the page had been selected :privacy: dom.event.clipboardevents.enabled = False. Also see this for more info.

Enable experimental fingerprinting protection :privacy: privacy.resistFingerprinting = True. For more info see this.

Enable Query Parameter Stripping also in private tabs :privacy: Smooth scrolling general.smoothScroll.currentVelocityWeighting: 0 general.smoothScroll.mouseWheel.durationMaxMS: 250 general.smoothScroll.stopDecelerationWeighting; 0.82 mousewheel.min_{linescrollamount}: 25 general.smoothScroll.msdPhysics.enabled

For normal browsing: privacy.query_stripping.enabled = True

For private browsing: privacy.query_stripping.enabled.pbmode = True

Disable monitoring of add-ons :usability: extensions.quarantinedDomains.enabled = false. As per this article.

Requires in about:config setting browser.preferences.experimental = true

Experimental features are then accessible at about:preferences#experimental

• Under browser’s Proxy settings, select Manual Proxy configuration. For the SOCKS Host, use 10.64.0.1 port 1080, and select SOCKS v5 as your protocol. With Firefox, select Proxy DNS when using Socks v5 to use Mullvad’s DNS server. Also in Firefox, make absolutely sure you disable Enable DNS over HTTPS, or you’ll be scratching your head on why you don’t seem to be able to connect to the internet.

Edit: This breaks access to my local 10.0.0.0/24 network. Disabled for now.

• Enable Enhanced Tracking Protection in Strict mode (already on by default in LibreWolf).