One of the biggest features and strength of the Firefox web browser is its extensions engine and the support it receives from the Firefox community. Users find thousands of different add-ons for virtually any purpose in the official extensions gallery over at Mozilla. Mozilla tries its best to promote popular and interesting add-ons, but the sheer amount makes that attempt more or less futile.
The best Firefox security add-ons is a guide for Firefox users who want to improve their web browser's security and protection from attacks on today's Internet. That does not necessarily mean that you need to install all of the add-ons to protect your browser from malicious attacks, as some may only be useful if you visit specific websites or types of sites regularly.
The list concentrates on security related add-ons, not privacy related. Only extensions that are compatible with at least Firefox 4 have been included in the list.
Those are extensions that I use on my private PC. I thought it would be a great way to start with a selection of add-ons that I personally use all the time, and list the remaining extensions in the second part of the article.
NoScript - Most malware and attacks are script based on the Internet. If a script cannot run, it cannot attack your computer. NoScript does exactly that. It blocks all scripts from running on all pages and websites on the Internet. You can whitelist scripts for a session or permanently if you trust a website.
A must-have extension and one of the main reasons that I'm still using the Firefox web browser and not another browser.
Alternative: YesScript, which allows all scripts and gives you the option to disable select ones.
LastPass Password Manager - LastPass is a password manager which makes the add-on security related. It stores the passwords online which means that you can access them from any PC that LastPass is installed on provided that you have an Internet connection on that PC. It features a secure password generator, form filler and note taking along with the usual options like automatically logging you in on websites or an on screen keyboard.
The company recently created a tool called LastPass Security Challenge which goes through your stored passwords to rate them individually and overall.
BrowserProtect - Protects your web browser's settings and preferences from being tampered with. Some programs that you install on your computer change Firefox settings either automatically or if you do not pay attention to the installation dialog. Browser Protect for Firefox shields the browser by monitoring the browser configuration. It is for instance effective against homepage hijacking or search engine provider changes.
HTTPS Finder - It is always safer to use https when available, as it protects the information from network snooping and other possible attack forms. HTTPS Finder informs you if a website supports HTTPS, with an option to automatically switch to the HTTPS protocol. A similar feature is provided by NoScript. [Update: no longer available, use HTTPS Everywhere instead]
Master Password+ - Passwords stored in Firefox's default password manager are not secured at all by default. Anyone with access to the computer can access both usernames and passwords for all sites. The Master Password is a way to protect the password list in Firefox. Master Password+ improves that feature, for instance by prompting for the master password on browser startup or locking up the browser window if the master password is not supplied.
Whois Lookup - It sometimes pays to know who owns and administrates a website. This is done with a Whois Lookup, which you can do manually on many whois related sites on the Internet, or semi-automatically with the Firefox extension Whois Lookup. [Update: no longer available, try DT Whois instead]
Alternative: Bookmark Permissions, does the same, only for bookmarks.
FEBE - Firefox Environment Backup Extension allows you to backup Firefox data, including extensions, themes, preferences, passwords and cookies regularly. I personally prefer MozBackup for this, but this extension is a solid alternative.
Perspectives - Aids Firefox users securely identify Internet servers by verifying certificates using a collection of Network Notaries.
NoRedirect - Gives you back the control over HTTP redirects. Many ISPs these days redirect you to their own search page if you mistype a web address in a browser. NoRedirect in addition offers previews for shortened urls and stops the redirection of smart error pages and more.
Dr. Web Anti-Virus Link Checker - Send files that you want to download with an online virus scanner before you do so. This can be done without downloading the file first to your computer.
Alternative: VTZilla (Caution: Not hosted on Mozilla.org) that sends files to Virus Total where they are checked against 40 different antivirus engines.
Web of Trust - Displays rating symbols for websites that you visit. Ratings include trustworthiness, vendor reliability, privacy and child safety.
Alternative: LinkExtend - Uses eight safety services instead of just one to rate links before you visit the web sites.
Search Engine Security - Changes the referrer when visiting web pages from search engines to protect against some forms of malicious redirects.
Firefox users can improve the security of the web browser significantly with add-ons. Many add additional layers of protection to the browser, which can keep you safe, or at least safer, on the Internet.
Did I miss a security add-on that you use all the time? Let me know about it in the comments.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.