Features

This page lists some of the most important features and default settings present in LibreWolf. If you have any question check out our FAQ, or join our Gitter / Matrix room.

Privacy

• Delete cookies and website data on close.
• Include only privacy respecting search engines like DuckDuckGo and Searx.
• Include uBlockOrigin with custom default filter lists, and Tracking Protection in strict mode, to block trackers and ads.
• Strip tracking elements from URLs, both natively and through uBO.
• Enable dFPI, also known as Total Cookie Protection.
• Enable RFP which is part of the Tor Uplift project. RFP is considered the best in class anti-fingerprinting solution, and its goal is to make users look the same and cover as many metrics as possible, in an effort to block fingerprinting techniques.
• Always display user language as en-US to websites, in order to protect the language used in the browser and in the OS.
• Disable WebGL, as it is a strong fingerprinting vector.
• Prevent access to the location services of the OS, and use Mozilla’s location API instead of Google’s API.
• Protect the private IP address of the user when WebRTC is used. Limit ICE candidates generation to the default interface when sharing video or audio during a videoconference.
• Force DNS and WebRTC inside the proxy, when one is being used.
• Trim cross-origin referrers, so that they don’t include the full URI.
• Disable search and form history.
• Disable form autofill.
• Disable link prefetching and speculative connections.
• Isolate service workers.
• Disable disk cache and clear temporary files on close.
• Use CRL as the default certificate revocation mechanism, as it is faster and privacy oriented. For security and usability reasons, the browser might fall back to OCSP in some instances: when that happens, OCSP will be stapled to preserve privacy.

Security

• Stay up to date with upstream Firefox releases, in order to timely apply security patches.
• Enable HTTPS-only mode.
• Enable stricter negotiation rules for TLS/SSL.
• Disable SHA-1 certificates.
• Always force user interaction when deciding the download location of a file.
• Disable scripting in the built in pdf reader.
• Protect against IDN homograph attack.
• Implement optional extension firewall, which can be enabled manually.
• Revert user-triggered TLS downgrades at the end of each session.
• Set OCSP to hard-fail in case a certain CA cannot be reached.

Annoyances

• Block pop-up windows and prevent window resizing from scripts.
• Disable autoplay of media.
• Disable search suggestions and ads in the urlbar.
• Remove all the distracting and sponsored content from the home page.
• Remove the Pocket extension at compile time.
• Remove Mozilla VPN ads.
• Disable Firefox Sync, unless explicitly enabled by the user.
• Disable extension recommendations.

Others

• Completely open source and community driven.
• Easy and Docker-based build process, so that everyone can build from source in few steps and without local dependencies.
• LibreWolf specific UI that exposes the most important privacy and security settings, to allow you to easily control them.
• Completely disable telemetry, including crash report, normandy, studies and personalized recommendations.
• No data collection of any kind. In fact, as stated in our privacy policy, we wouldn’t even have the infrastructure to do that, making it impossible from a technical standpoint.
• Disable Google Safe Browsing, over censorship concerns, and in an effort to prevent Google from controlling another aspect of the internet. This would also make a developer key a requirement to build from source, which is something we are not comfortable with.
• Disable DRM, as it is a limitation to user freedom.
• Avoid making unnecessary changes that increase the fingerprint without giving any privacy gain.
• Only allow outgoing connections that are not privacy invading.
• Disable built-in password manager and suggest more robust options.