How to block automatic connections that Firefox makes
Web browsers make two types of connections: first, connections initiated by the user of the browser, for instance when a URL is entered into the address bar or a link is clicked, and then automatic connections made for a variety of reasons.
Some power browser updates, others retrieve certificates or verify whether a page is malicious. While some browsers give you some control, Firefox gives you more control over this automated behavior than any other popular web browser.
Mozilla has created a support page that lists all the connections that Firefox makes without explicit permission of the user. As you can see, quite a few are listed there.
While some are enabled after user activity, for instance adding live bookmarks to the browser, others are enabled by default. This guide looks at the latter kind, explains what their use is, and how you can disable them if you do not require them.
List of automatic connections
The list is not sorted by severity or risks.
One core feature of Firefox is the update checking. The browser checks for core, theme and extension updates regularly and will either download and install those updates automatically, or prompt you instead.
Note: disabling the check for updates is generally not recommended, as browser updates regularly fix security issues.
- Type about:preferences and hit enter. This opens the Firefox options page.
- Switch to Advanced > Update to modify the update checking capabilities.
- To block any communication, select never check for updates on the page.
- While you are at it, you may also want to disable the automatic update of search engines on the same page.
For add-ons and themes do the following instead:
- Load about:addons in the address bar and hit enter. This opens Firefox's Add-ons Manager.
- Select Extensions if the option is not selected already.
- Click on the settings icon next to search at the top right corner and uncheck the update add-ons automatically option here.
- Once done, open the menu again and select reset all add-ons to update manually from the menu.
You can use about:config to make those changes as well:
- Type about:config in the browser's address bar and hit enter.
- Confirm you will be careful if a prompt is shown.
- Search for app.update.enabled and double-click it to set it to false. This disables automatic Firefox updates. While you are at it, set app.update.auto to false as well.
- Search for browser.search.update and double-click it to set it to false. This disables update checks for search engine updates.
- Search for extensions.update.enabled and double-click it to set it to false. This disables automatic extension updates and checks.
The following requests are all made to power various security related features of Firefox.
Safebrowsing: Firefox downloads a Safebrowsing list regularly (it is not clear how often, I have seen values ranging from 30 minutes to once a day) and stores it locally. It will then compare any URL you visit with the items on the list, and if it finds a match, connect to Google to find out if the URL is still on the blacklist or if it has been removed from it.
Phishing: This works in pretty much the same way as safebrowsing. Firefox downloads a phishing protection list regularly while it is running and uses it to determine if websites that you visit are marked as phishing sites. If the site is a hit, Firefox will check online to see if the site is still marked as a phishing site or not.
This means that there are two types of connections made. The first checks for updates and downloads them if available, the second checks a site you are about to visit online against the most recent database.
Mozilla notes that existing Google cookies may be sent in the second case.
To disable both features do the following:
- Load about:preferences in the browser's address bar.
- Switch to the security tab, and deselect block reported attack sites and block reported web forgeries.
You can disable the options on Firefox's about:config page as well.
- Type about:config into the address bar and hit enter.
- Confirm you will be careful.
- Search for browser.safebrowsing.enabled
- Double-click on browser.safebrowsing.enabled to set it to false. This disables the phishing protection.
- Double-click on browser.safebrowsing.malware.enabled to set it to false. This disables the Safebrowsing protection.
This can be useful if you are using a different application, a local security software for example or another browser extension, as protection.
Firefox checks downloads against a local list and classifies them as safe or malware. If it cannot identify a file using the local list, it queries Google's Safe Browsing service by sending metadata to get a verdict on the download.
You may disable this feature on the about:config page by setting browser.safebrowsing.appRepURL to a blank value.
Extension blocklist: Mozilla maintains a blocklist that lists malicious extensions as well as extensions that cause issues in the browser, for instance by consuming a lot of memory or causing stability issues.
If you disable the check, blocked extensions may be run in Firefox which may put your system at risk.
To disable it, you need to use about:config which is explained below.
- Search for extensions.blocklist.enabled on about:config and double-click the entry to set it to false.
Firefox makes automated connections to display suggestions in the browser.
Add-on suggestions: Whenever you open the add-ons manager, Firefox will retrieve a list of suggested add-ons.
- While on about:config search for extensions.webservice.discoverURL, double-click the value and replace it with http://127.0.0.1.
Search suggestions: Firefox may display suggestions based on what you enter into the search bar. It uses the browser search engine for that which is Google by default.
- While on about:config search for browser.search.suggest.enabled and double-click the preference to set it to false which disables it.
A list of connections that Firefox makes that don't fall into any of the other categories.
Link prefetching: Websites can provide Firefox with hints as to which page is likely to be accessed next so that it is downloaded right away even if you don't request that link.
- On about:config, search for network.prefetch-next and double-click the preference to disable it.
DNS Prefetching: Firefox will perform domain name resolutions on links automatically. If you don't want that to happen, do the following:
- Set the preference network.dns.disablePrefetch on the about:config page to true.
Seer: Seer is a component of Necko Predictive Network Actions. It keeps track of components that were loaded during the visit of a page on the Internet so that the browser knows next time which resources to request from the web server.
- On about:config, search for network.seer.enabled and set the entry to false with a double-click.
Speculative Pre-connections: When you hover over links, connections are established to linked domains and servers automatically to speed up the loading process should you click on the link.
- Set the preference network.http.speculative-parallel-limit to a value of 0.
Add-on metadata updating: Firefox displays information about each add-on that you have installed in the browser. You can click on the more link in the add-on manager, for instance, to display the author's description. This feature checks for updates to that information.
- On about:config, search for extensions.getAddons.cache.enabled and double-click the entry to set it to false to disable it.
Firefox Health report and Telemetry data: Firefox may share information with Mozilla about the browser's performance, usage or customizations.
- Type about:preferences in the browser's address bar and hit enter.
- Switch to Advanced > Data choices and uncheck enable Telemetry and enable Health Report.
Crash Reporter: Whenever Firefox crashes, reports are sent to Mozilla if the Crash Reporter is enabled. To check if it is, go to the data choices page again:
- Check if enable Crash Reporter is enabled here.
Mozilla Snippets: If you use the default homepage about:home, so-called snippets are displayed that show Mozilla related content. These snippets are updated once a day:
- To disable the feature, set the preference browser.aboutHomeSnippets.updateUrl to a blank value.
What's New Page: This page highlights new features of the browser after updates and gets loaded automatically from Mozilla.
- To disable it, set the value of the preference browser.startup.homepage_override.mstone to ignore.
WebRTC: Web Real-Time Communication is used by Firefox Hello and other extensions and web services. It can leak the local IP address even when it is not used actively.
- To disable this, set the preference media.peerconnection.enabled to false.
Send Video to Device: Firefox sends Simple Service Discovery Protocol packets to the local network to discover casting devices such as Chromecast or Roku automatically.
- Turn this off by setting browser.casting.enabled to false.
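An added example, not part of the original article: a Python check that reads the text of a profile's prefs.js and reports which of the preferences listed above are set to the article's values, which hold a different value (for instance after being reverted), and which are absent and therefore still at their default. It also lists the applied changes that turn off update checks, Safe Browsing or the extension blocklist; the pref names are the article's and may not exist in other Firefox versions, and the sample input is constructed.

```python
import json
import re

# Pref name -> value the article sets (names and values as listed above).
TARGETS = {
    "app.update.enabled": False, "app.update.auto": False,
    "browser.search.update": False, "extensions.update.enabled": False,
    "browser.safebrowsing.enabled": False,
    "browser.safebrowsing.malware.enabled": False,
    "browser.safebrowsing.appRepURL": "", "extensions.blocklist.enabled": False,
    "extensions.webservice.discoverURL": "http://127.0.0.1",
    "browser.search.suggest.enabled": False, "network.prefetch-next": False,
    "network.dns.disablePrefetch": True, "network.seer.enabled": False,
    "network.http.speculative-parallel-limit": 0,
    "extensions.getAddons.cache.enabled": False,
    "browser.aboutHomeSnippets.updateUrl": "", "browser.casting.enabled": False,
    "browser.startup.homepage_override.mstone": "ignore",
    "media.peerconnection.enabled": False,
}
# Prefixes of prefs whose change switches off a protection, not a convenience.
WEAKENS = ("app.update.", "extensions.update.", "browser.safebrowsing.",
           "extensions.blocklist.")
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*'
                     r'(true|false|-?(?:0|[1-9]\d*)|"[^"\\]*")\);', re.M)

def parse_prefs(text):
    """Parse prefs.js/user.js text; strings with escapes are skipped."""
    return {name: json.loads(raw) for name, raw in PREF_RE.findall(text)}

def audit(text):
    """Sort the article's prefs into applied / differs / unset (default)."""
    prefs = parse_prefs(text)
    report = {"applied": [], "differs": [], "unset": []}
    for name, want in TARGETS.items():
        got = prefs.get(name)
        same = type(got) is type(want) and got == want  # False != 0 here
        key = "unset" if name not in prefs else "applied" if same else "differs"
        report[key].append(name)
    report["weakens"] = [n for n in report["applied"] if n.startswith(WEAKENS)]
    return report

# Constructed sample in prefs.js format, not taken from a real profile.
SAMPLE = '''// Mozilla User Preferences
user_pref("app.update.enabled", false);
user_pref("browser.safebrowsing.appRepURL", "");
user_pref("browser.search.suggest.enabled", true);
user_pref("network.dns.disablePrefetch", true);
user_pref("network.http.speculative-parallel-limit", 0);
'''
```

Call `audit()` on the contents of the prefs.js file in the Firefox profile folder; running it again later shows whether a preference has changed back.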
As always a good article about Firefox and some “hidden” settings. Keep up your fantastic work!
Excellent! Very timely, extremely helpful. Thank you!
P.S. Anyone know if the Avira Browser Safety add-on also connects to Google?
This is an absolutely wonderful article! You got to the details man and those details are absolutely critical. Like when does stuff execute, IE: When you click on the live bookmarks or hover over thumbnails and especially the 30min to 1 day period of checks for safelist AND especially when you go to a blacklisted site it double checks by downloading safelist or part of it again to see if the url is still blacklisted. Extremely well done man you need to be paid for this article.
Calomel SSL Validation add on will disable a good chunk of those connections for you if you wish: https://addons.mozilla.org/en-US/firefox/addon/calomel-ssl-validation/
“While on about:config search for extensions.webservice.discoverURL, double-click the value and replace it with http://127.0.0.1.”
However: “A loopback connection (to IP address 127.0.0.1) can be made by Firefox on non-Unix machines. In this case the browser is communicating with itself as expected, and it is not recommended that this communication be blocked. See bug 100154 for more information.” Source: https://support.mozilla.org/en-US/kb/how-stop-firefox-automatically-making-connections
Then how does one block add-on suggestions on Linux using Firefox?
FF 29.0.1: Set “browser.search.suggest.enabled” to false but it just will not stick and continually changes itself back to true. Any thoughts on why this would be, and more importantly, on how to correct this? Thanks.
You probably have an add-on that is reverting it back. Check your add-on settings.
Excellent write-up, thanks for helping keep the users informed & empowered.
Thanks for the suggestion! It was worth a shot, I thought, but I found nothing in any of them even remotely connected to the problem. Then I searched online harder than I had done before, and found this link: https://support.mozilla.org/en-US/questions/980227
So far, the chosen solution there is working for me, too!
Alas! The search suggestion setting has reverted back to “enabled” again today. It just will not stick! If anyone has any thoughts on why this is happening and/or how to correct it, please post. Thanks!
How about listing which add-ons you use? I’ll give it a look. Sometimes another pair of eyes can help.
“While on about:config search for extensions.webservice.discoverURL, double-click the value and replace it with http://127.0.0.1.”
why ? – just delete url is not enough ?
and I mean in all similar cases ….
Yes, you can also remove the url completely.
Weird problem: I’m on os 10.8, FF28, noscript, blank page on launch, cookies, only from visited, time warner (but use opendns), no live bookmarks I am aware of, auto-update off–but, sometimes when I launch FF, I get a tcp connection (according to terminal netstat -an) to Akamai followed by “google- like” (74.125.xxx.xxx) ad sites, none of them actually appearing in the browser. Close, FF, connections cease. Don’t have the same behavior on Safari (but, I hate Safari and prefer not to use it).
Using the about:config does NOT WORK !
Use this tutorial:
This is not spam or anything, just so happy I’ve stopped firefox from downloading a new version every time.
Also set browser.selfsupport.url to “”
“Heartbeat is User Voice in Firefox. Heartbeat provides real-time understanding of our existing Desktop user population, allowing us to pivot more quickly based on the needs and desires of our users. Heartbeat ties user perception to technical information so we can take your feedback and feed that into future Firefox releases.”
^ Seriously, what the fuck is this? It reads like a parody of upper management double-speak for spyware. With it enabled, there is a persistent connection to mozilla’s servers that consumes 1-2 kB/s
Mozilla – a heavily monetized foundation and double standard organization calls Firefox as a “privacy-respecting browser”, but it’s not true! Firefox spies on you!
Firefox is not only a “search” engine, but it’s a surveillance engine too!
Here my tips for you:
Go to > about:config and search there all these files and set them to: “false” if you want it so..
Disable Credit Card autofill:
“extensions.webextensions.uuids” – (you will see there Firefox hidden extensions)
Disable Remote Downloads:
Disable remote wifi scan and geo-location:
Firefox requests information from the Mozilla Add-ons gallery once a day:
Set it to false.
Do not forget:
And Mozilla’s new spy engine: Normandy – It determines the region a user is in, based on IP etc..
Guys, I have much more of them.. but I’m sorry, it’s too much at this time :) ;)