Browser Hardening

With the internet becoming a more regular part of our lives, what are the ways we can protect our browsers?

April 14, 2020Author: Samuel Barrows

As many of us have been shifting to working from home instead of an office, the internet has become more important than ever. Even if you’re not working from home, this is a great time to learn a new skill, pick up a new hobby, or even start binging a new show. In order to do that, especially in our modern times, we rely on our internet browsers to give us safe and reliable access to the information that we need. While this is something that many of us do every day, some may not realise that they’re browsing unsafely and are putting themselves at risk.

The internet browser, programs such as Chrome, Safari or Firefox, are configured with features and settings that may put you at risk for an attack from a hacker, for downloading a virus, or even having one of our accounts stolen (without them needing a password)! So, how can one better protect ourselves from dangers like these? Well, there are a few steps that can be taken.

Changing Your Settings

The first step in protecting your browser is to change the settings within it. Navigate to the options/settings of your browser. This can be found generally in the top right corner of your browser right under the X. A settings or options button can be found in that drop down menu. Here, you can change and see certain ways that your browser actually works. Most of these settings may seem innocent enough, but changing a lot of these can make a big difference when it comes to your safety. The browser you are using should have settings for all of these.

Block Pop-Ups

In Chrome, the option to block pop-ups can be found in a search of the settings or under Privacy and security -> Site settings -> Pop-ups and redirects

Pop-ups can be very dangerous and have some serious consequences! A seemingly innocent website could have a malicious pop-up that has a bad link in it or downloads a virus onto your computer. Pop-ups are not always dangerous, but the safest option is to have them blocked.

If the website you are on is one you trust and you need to allow the pop-up is necessary, then you can allow that specific pop-up to happen. But you shouldn't allow every pop-up to happen, especially if you are on a site you do not trust!

Always Ask First!

In Chrome, you can edit specific settings regarding location, notifications, and hardware.

A lot of settings can be set to Ask First or Prompt. For example, there are a lot of websites that you may want to use your microphone or webcam on. Sure, Google Meets or Zoom should have access to your microphone, but does some random site you just found? When you have it set to Ask First, you will always know when a website wants to download something or when they want access to your webcam. If you trust the download or trust them with access to your face, you can allow them. Having this setting set to prompt you everytime gives you complete control over certain information that websites would just be able to get automatically.

Send "Do Not Track" Requests/Block 3rd Party Cookies

In Firefox, the option looks like this and can be found under Privacy & Security

Enabling the “Do Not Track” setting is important to your safety as well as your privacy. Many websites will track you around the web, the "Do Not Track" request asks that they can’t collect your data. Whether they accept that request is under their discretion, but it doesn't hurt to ask. You can still mitigate the amount you get tracked around by blocking something called a third party cookie. This is something that websites might use in an attempt to track you, but a third party cookie could also be something sent out by an attacker in order to send you false information. Websites will work without these trackers or third party cookies, so there is no need for you to allow them.

Turn on Automatic Updates

In Firefox, this setting can be found under General -> Firefox Updates

Something we all have to deal with is updating our software and operating system. While this may seem like a pain every time you have to do it, it is essential for your safety and security! New exploits and vulnerabilities come out every day, and developers will push updates constantly in order to combat this. If you are serious about your security, keeping up to date on your browser (and all your other software) is essential and must be done!

Don't Save Passwords

In Chrome, this setting can be found under Autofill -> Passwords.

This may seem very convenient, if you allow your browser to save your passwords and login information, you don't have to remember your passwords at all! But what a lot of people do not know is that this leaves your passwords at the mercy of anyone who can access your browser, including hackers. It may seem convenient to keep your passwords saved to your browser, but it is actually a huge risk. Make sure to turn this setting off and deny any requests to save your password in your browser.

Installing Some Extensions

All of the settings you changed above are important to your security while using your internet browser, but what else could you do? Well, you can install some security oriented extensions! The ones listed below are available on almost every common browser today. You don't need to install all of these for your browser, they are just trusted examples of a variety of extensions available.

If you are going to choose just one of these to install on your browser, I would recommend uBlock Origin. It is your standard adblock, but also has the capabilities of filtering much more on your webpages. This is an extension you don't have to dive too deep into if you don't want too. It has a lot of capabilities that you can tweak, but I recommend just installing it and keeping it up-to-date when it needs to update. If you would like to dive deep into this extension, make sure to do some research beforehand!

Another great extension to install is HTTPS Everywhere. This is a simple extension that, if offered by the website, will encrypt your traffic through HTTPS, which is another layer of security that can help a lot.

Remember when we talked about third party cookies? Sometimes, your browser may let a third party cookie slip its radar and get installed on your computer. These extensions are made to prevent that. They are able to block third party and invisible cookies from getting onto your computer, which can be very helpful when you are trying to stay secure. But, only one of these should be installed.

Almost every website today runs a programming language called JavaScript. It is how most websites are programmed. However, some of these websites may be insecure, allowing an attacker to inject their own code into the website in an attack called Cross Site Scripting. Through this, an attacker may gain access to your accounts, download a virus to your computer, or do practically anything they want. That's why it can be useful to use a script blocker such as NoScript. It will block all JavaScript on a website until you manually enable it. This can be annoying sometimes, but useful in the long run if you are browsing some sketchy websites.


Browsers are used everyday, and in our current situation, are getting even more use than before. Having these easily fixable holes in your web browser can leave you open to dangerous attacks. Although it is difficult to be completely safe, it is always best to remain cautious of the things that you are doing. Make sure you trust all websites & links you are browsing through. Having these settings changed and installing these security oriented extensions will benefit you greatly, but you can still be attacked. Remember to stay safe!