Firefox is the default browser on many Linux distros, including Ubuntu and Fedora Workstation. While it already includes strong privacy protections like Enhanced Tracking Protection (ETP), several settings can be adjusted to significantly improve security and reduce tracking.

By default, however, Firefox still enables telemetry, relies on data-hungry search engines, and remains vulnerable to certain forms of browser fingerprinting.

The steps below show how to install an up-to-date build of Firefox on Linux and apply several security configurations that reduce tracking and narrow your browser’s attack surface.

Security Changes You’ll Make
Disable Firefox telemetry
Disable Firefox AI features
Change the default search engine
Strengthen Enhanced Tracking Protection
Enable fingerprinting protection
Enable DNS over HTTPS
Turn on HTTPS-Only Mode
Install the NoScript extension
Why Harden Firefox?
Projects like arkenfox provide a drop-in configuration file that applies extensive privacy-related changes.

There are also privacy-focused forks of Firefox, like LibreWolf, that ship with stricter defaults out of the box, including disabled telemetry.

Still, the trade-off is control. Choosing the options above means letting someone else decide which Firefox features to disable.

By hardening mainstream Firefox yourself, you’ll stay on the fastest security-update track and can reverse individual changes if a site stops loading properly.

How It Works
Mozilla offers granular security and privacy options in Firefox. You can access advanced settings by typing about:config into the address bar and toggling individual preferences.

You can also use the regular Firefox settings page to disable unnecessary features like AI integrations, switch to a more privacy-friendly search engine, and fine-tune your tracking protection.

Mozilla’s add-ons page lets you enhance Firefox functionality with trusted extensions. You can use this to prevent most potentially malicious scripts from loading.

Before you begin, double-check that you’re running the most recent version of Firefox. If it’s already installed, update it via the Linux command line:

sudo apt update && sudo apt upgrade

If you don’t already have Firefox, Mozilla provides an official APT repository for Debian and its derivatives, like Ubuntu. There are also Snap and Flatpak builds for other distros.

Visit Mozilla’s Linux install guide for distro-specific steps and up-to-date commands.

Step 1. Disable Firefox Telemetry
Click the three lines at the top right of the Firefox browser window and open Settings > Privacy & Security.

Step 2. Disable Firefox AI Features
Open Firefox Settings and choose AI Controls.

Under Block AI enhancements, enable the toggle.

Read the notification carefully about what content will be unavailable after you do this, then choose Block.

Step 3. Change the Default Search Engine
In Firefox Settings, choose Search.

Open the Default search engine dropdown and select DuckDuckGo.

If you prefer to use a different privacy-focused engine, go to the provider’s page and follow the instructions there.
For example, visit Startpage and choose Add to Firefox > Continue to Installation > Yes to make it your default search engine.

Step 4. Strengthen Tracking Protection
In Firefox Settings, choose Privacy & Security.

Change Enhanced Tracking Protection from Standard to Custom.

Open the dropdown menu in the Cookies section and choose All cross-site cookies.

Read the warning carefully about possible site breakage located at the bottom of the screen.
Step 5. Enable Fingerprinting Protection
If you selected Custom Enhanced Tracking Protection, confirm Suspected fingerprinters is set to All Windows, not just private windows.

Step 6. Enable DNS over HTTPS
Open Firefox Settings > Privacy & Security. Scroll down to the DNS over HTTPS section and select Max Protection.