Why Harden Your Browser?
Your browser is your window to the internet—and it can also be a windowinto your life. Out of the box, most browsers prioritize convenience over privacy. This guide shows you how to change that.
We'll cover three scenarios:
- Firefox hardening (recommended for most users)
- Chrome privacy settings (if you must use Chrome)
- Brave configuration (good balance of privacy/usability)
WARNING: Aggressive hardening can break websites. Start with basic settings and gradually increase protection. Test on sites you use regularly.
Firefox Hardening
Firefox is the best mainstream browser for privacy. It's open-source, non-profit, and has extensive customization options. Here's how to configure it.
Step 1: Basic Settings (GUI)
- Enable Enhanced Tracking Protection
Settings → Privacy & Security → Enhanced Tracking Protection → Strict
- Disable telemetry
Settings → Privacy & Security → Firefox Data Collection → Uncheck all boxes
- Enable DNS over HTTPS
Settings → General → Network Settings → Enable DNS over HTTPS → Cloudflare or NextDNS
- Disable password manager (use Bitwarden instead)
Settings → Privacy & Security → Logins and Passwords → Uncheck all
- Clear data on close
Settings → Privacy & Security → Cookies → Delete cookies when Firefox is closed
Step 2: about:config Tweaks
Type about:config in the address bar. Accept the warning. Search for these settings:
| Preference | Set To | Effect |
|---|---|---|
| privacy.resistFingerprinting | true | Blocks most fingerprinting |
| privacy.trackingprotection.enabled | true | Enables tracker blocking |
| privacy.firstparty.isolate | true | Isolates cookies per site |
| media.peerconnection.enabled | false | Disables WebRTC (IP leaks) |
| geo.enabled | false | Blocks geolocation API |
| dom.battery.enabled | false | Blocks battery status API |
| network.cookie.lifetimePolicy | 2 | Deletes cookies on close |
| beacon.enabled | false | Blocks beacon tracking |
| dom.event.clipboardevents.enabled | false | Blocks clipboard snooping |
Step 3: Essential Extensions
uBlock Origin
Best ad/tracker blocker. Enable all filter lists. Add annoyances filters.
Privacy Badger
Learns to block trackers. Good complement to uBlock. By EFF.
Decentraleyes
Serves CDN files locally. Prevents tracking via common libraries.
ClearURLs
Removes tracking parameters from URLs. No more ?utm_source chaos.
Pro Tip: Use arkenfox user.js
For advanced users, the arkenfox user.js project provides a comprehensive Firefox configuration file with hundreds of privacy tweaks. Download, customize, place in your profile folder.
Chrome Privacy Settings
Chrome is made by an advertising company. It's fundamentally not designed for privacy. But if you must use it, here's how to reduce the damage:
HONEST ADVICE: Switch to Firefox or Brave. Chrome's architecture limits what privacy extensions can do. Google controls the rules. But if work/sites require Chrome, these settings help.
Essential Chrome Settings
- Disable "Enhanced Safe Browsing"
Settings → Privacy → Security → Choose "Standard protection"
(Enhanced sends URLs to Google) - Block third-party cookies
Settings → Privacy → Third-party cookies → Block third-party cookies
- Disable "Preload pages"
Settings → Privacy → Preload pages → No preloading
- Turn off Google sync
Settings → You and Google → Sync and Google services → Turn off sync
- Disable all "Google services"
Settings → You and Google → Sync and Google services → Toggle all OFF
chrome://flags Tweaks
| Flag | Set To | Effect |
|---|---|---|
| #disable-webrtc | Enabled | Prevents IP leaks |
| #enable-quic | Disabled | Blocks QUIC fingerprinting |
Install uBlock Origin (while you still can—Google is limiting its capabilities in Manifest V3). That's really the best you can do on Chrome.
Brave Configuration
Brave is Chromium-based but with aggressive privacy defaults. Good middle ground between privacy and compatibility. Less configuration needed.
Recommended Settings
- Set Shields to Aggressive
Click Shields icon → Trackers & ads blocking → Aggressive
- Block fingerprinting
Settings → Shields → Fingerprinting blocking → Strict
- Block third-party cookies
Settings → Shields → Cookies → Block cross-site cookies
- Use Brave's DNS
Settings → Security → Use secure DNS → Cloudflare or NextDNS
- Disable Brave Rewards (unless you use it)
Settings → Brave Rewards → Toggle off
Note on Brave Rewards
Brave shows optional ads and rewards you with BAT cryptocurrency. This is opt-in and privacy-respecting (matching happens locally). But if you want zero ads, disable it.
Advanced: Network-Level Protection
For maximum protection, block trackers before they reach your browser:
Pi-hole
Network-wide DNS blocking. Runs on Raspberry Pi. Blocks ads/trackers for all devices on your network.
pi-hole.net →NextDNS
Cloud-based DNS filtering. No hardware needed. Highly customizable blocklists. Works on mobile too.
nextdns.io →AdGuard Home
Similar to Pi-hole but with a more user-friendly interface. Supports DNS-over-HTTPS out of the box.
adguard.com →VPN (Reputable)
Hides IP from websites. Choose no-logs providers: Mullvad, ProtonVPN, IVPN. Avoid free VPNs.
mullvad.net →Testing Your Configuration
After hardening, test your browser with these tools:
- Our fingerprint scanner — See your uniqueness score
- WebRTC leak test — Verify IP isn't exposed
- DNS leak test — Check encrypted DNS works
- Ad blocker test — Measure tracker blocking