Firefox: Allow Restricted TCP-Ports

Disclaimer

I don’t think, „hiding“ a webserver behind a non-standard TCP-Port is a security feature („security by obscurity“) but on the other hand restricting access to non-standard Ports seems to not increase the personal security measure, it just wastes time of anybody who needs to access such a service – and – it’s absolutely allowed to run a web-server on any port which isn’t used by another service 😉

Solution (if you (think, you) know what you’re doing)

As always

about:config

Add as „String“ if it’s missing:

network.security.ports.banned.override

Add the Service you want to acccess

8081,8082,8083

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.

Firefox suggesting Autofill logins from other sites

For some time the password-manager built into firefox presents for each website a long list with obviously not useful proposals: „Want to login into Amazon? Try the Azure-Password!“, Firefox whispers.

A bug couldn’t be more annoying, but this is a feature. (https://www.mozilla.org/en-US/firefox/71.0/releasenotes/)

Hard to believe this could be useful for some corner case, but for daily usage i’d prefer to get only the right password for one web-site to get proposed.

Fortunately you can turn it off:

signon.includeOtherSubdomainsInLookup := false

Thank you, i’v been thinking about switching to another browser. This is really a killer non-feature.

Firefox: „Certificate Viewer“ – How to disable

Firefox 70 added a new „Certificate Viewer“ feature which moves the „Window“-based GUI to a „Web-Page“-View.

  • different look
  • no new features
  • missing features
    • Export Certificate

So this is no „new feature“ but a „modification of an existing feature“ – with less features.

Reenable the former full featureset

about:config
security.aboutcertificate.enabled := false

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.

Firefox: Don’t ignore the Windows Enterprise-CA Store

Not a new Feature for Windows, to use an enterprise CA to create server certificates.

And Firefox added the possibility to trust those certificates ages ago – but still you’ll get an TLS-error-message (in German „Kein Verbindungsversuch unternommen: Mögliches Sicherheitsproblem“).

This is no Security-Problem, it’s just a problem of using stupid defaults causing people to waste their time and providing no little level of security, since a CA operated on my own is much more trustworthy than public CAs which firefox trusts blindly.

Solution

Open

about:config

and change

security.enterprise_roots.enabled := true

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.

Annoying Firefox-Defaults to be changed

The Firefox-Developers know best what’s good for their users, so they hide a bunch of Settings in

about:config

so it’s hard to find them.

Some of them I change in every Firefox installation:

  • ask me if i want to download MP4-Files, disable the build-in Media-Player
media.play-stand-alone = false
  • use the DNS, not Google – if I enter a single word as URL
keyword.enabled = false
 
 
  • stop asking me if I really want to leave a page
dom.disable_beforeunload := true
 
  • stop autocompletion in the URL-Bar
browser.urlbar.autocomplete.enabled = false
browser.fixup.alternate.enabled = false
browser.fixup.alternate.prefix = (empty)
browser.fixup.alternate.suffix = (empty)
 

accessibility.typeaheadfind.flashBar 0

browser.fixup.alternate.suffix prod.local
browser.fixup.domainwhitelist.wiki true

browser.tabs.warnOnClose false
browser.urlbar.autocomplete.enabled false
network.dns.disablePrefetch true

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.