Firefox: Security tips to Identify and Protect Yourself from unsafe Websites

Insecure websites are vulnerable to cyberthreats, including malware and cyberattacks. If your site falls victim to a cyberattack, it can impact the site’s functioning, prevent visitors from accessing it, or compromise your customers’ personal information. If you haven’t secured your website for your visitors at this current year, please do so.

Mozilla has announced the rolling out of ‘Site Isolation’ security feature to Firefox Browser that aims to protect users against a new class of side-channel attacks from malicious sites.

The implementation loads each website separately in its own operating system process and, as a result, prevents untrusted code from a rogue website from accessing confidential information stored in other sites.

Anyway, here’s the two implementations we’re going to utilize:

  1. The HTTPS Only mode.
  2. Site Isolation.

Glossary

HTTP - Hypertext Transfer Protocol (often abbreviated to HTTP) is a communications protocol. It is used to send and receive webpages and files on the internet.

HTTPS - Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP, which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer.

Site Isolation- Site Isolation is a security feature that offers additional protection against some types of security bugs. It makes it harder for untrustworthy websites to access or steal information from your accounts on other websites.

HTTPS-Only Mode- this is a feature that ensures all of your connections are encrypted and secure. So you have peace of mind that no one can snoop on the content of the pages you visit or hack into your connection to a website to steal your passwords, credit card information, or other personal information.

A simple URL is usually something like this: http://example.com / https://example.com . Note the difference between the two URLs. One utilizes the hyper text transfer protocol only, and the other HTTP secure. The first one might lead you to a phishing website while the second one (https://medium.com) leads you to the secure version of the website.

If the website administrator has not yet enabled away to auto-redirect you(the user) to the secure version of the website, you can easily fall victim of all kinds of malicious activities targeted to exploit you. In this blog post, I’ll be directing you on how you can easily enable the HTTP only mode(which makes sure you’re always only surfing secure websites unless you opt otherwise) together with the new Site Isolation feature.

Step 1: How To Enable HTTPS Only Mode

  1. Go to Options Section -> Privacy & Security and navigate to ‘HTTPS Only Mode’ Section as seen below:

2. Click on the first option ‘Enable HTTPS-Only Mode in all windows’ . That’s all you’ve to do to enable HTTPS Only mode.

Alternatively, you can choose to install the ‘HTTPS Everywhere’ extension available on the Firefox Extensions to fulfill the same purpose.

Step 2: How to enable Site Isolation

Before Firefox rolls out a simple method to enable the site isolation feature like with the HTTPS-Only mode feature, follow this simple steps and you’ll be ready to test the feature:

  1. To enable site isolation on Firefox release / beta:

a)Navigate to about:config

click accept the risk & Continue

b)Set `fission.autostart` pref to `true`.

Toggle the arrows on far right to change fission status to true.

c) Finally Restart Firefox.

2. To enable Site Isolation on Firefox Nightly:

a) Navigate to about:preferences#experimental

b) Check the “Fission (Site Isolation)” checkbox to enable.

c) Restart Firefox.

That’s all for now friends. If you enjoyed this article, share it with your friends and colleagues. Safety and security is all that matters!

“Knowing is not enough; we must apply. Wishing is not enough; we must do.” — Von Goethe