See the change log at the end for a complete revision history.
Introduction
First and foremost, use only uBlock Origin (uBO) by Raymond 'gorhill' Hill (here's the uBlock Origin page on the Firefox Add-ons website). While there may be some legitimate forks, there are also many ripoffs out there and i would highly recommend avoiding them.
uBlock Origin is not simply an ad blocker as many might assume, rather it is a powerful content filter, similar to a firewall, that is capable of both dynamic and static filtering. In addition to blocking annoying content such as ads, it can also block JavaScript, frames, images, 3rd party fonts and more, as well as help to prevent tracking and malware.
So what is the difference between static and dynamic filtering you ask? Static filters are filter rules which are provided by the various filter lists. Essentially you have no control over the filters provided by these lists; they are either enabled or disabled. Static filters filter out content like ads, malware, tracking technologies, annoyances and more. Static filter lists are enabled from the 'Filter lists' tab of the uBO dashboard. Dynamic filters are controlled from the pop-up interface when you click the uBO toolbar icon. Here you can create temporary or permanent filter rules to control images, JavaScript and frames and the rules can be applied globally or per-domain. Dynamic filtering only becomes available after you enable the 'I am and advanced user' option in the uBO settings and it is crucial to read the uBO wiki before enabling this option.
Following are my personal preferences for setting up uBlock Origin. There are no "best" settings since every use case is different, however i like to think they are generally sensible settings to start with. The configurations in the 2nd and 3rd columns of the table are intended to be used with the The Firefox Privacy Guide For Dummies! and the Firefox Configuration Guide for Privacy Freaks and Performance Buffs, respectively. In the former case the advanced mode option is disabled because i felt it would be too overwhelming for 1st time users and followers of the 'dummy' guide.
Regardless of which guide you are following, it is essential that you read the uBlock wiki with the exception of the Advanced-user-features section. If you are not following either guide i would highly suggest enabling the advanced mode option in uBO in order to leverage its dynamic filtering capability, as well as reading the Advanced-user-features section of the wiki.
Once uBO is installed, click its toolbar icon to reveal its popup user interface, then click the little sliders icon to reveal the "secret" Dashboard (i say "secret" because apparently quite a few people don't know it exists). These are the settings i recommend:
'Settings' tab
Settings not shown here are optional.
| Setting name |
'Dummy' guide settings |
Advanced guide settings |
| Hide placeholders of blocked elements 1 | disabled | optional |
| Show the number of blocked requests on the icon | enabled | optional |
| Disable tooltips | disabled | optional |
| I am an advanced user 2 | disabled | enabled |
| Privacy: | ||
| Disable pre-fetching | enabled | enabled |
| Disable hyperlink auditing 3 | disabled | disabled |
| Block CSP reports | enabled | enabled |
| Uncloak canonical names | enabled | enabled |
| Default behavior: | ||
| Disable cosmetic filtering | enabled | enabled |
| Block media elements larger than [50] KB | disabled | optional |
| Block remote fonts 4 | disabled | disabled |
| Disable JavaScript 5 | enabled | optional |
Footnotes
1 - If you are new to uBO and content filtering, you should probably not enable this option. Leaving this option disabled will sometimes provide a visual indication when something is blocked in the form of a placeholder where the object was, thus letting you know that something was blocked.
2 - This option may be enabled only after reading the Advanced user features section of the uBO wiki.
3 - This option can be left disabled as long as dom.security.https_only_mode is enabled in prefs.js, or in user.js or user-overrides.js if you're using the 'arkenfox' user.js, otherwise it should be enabled.
4 - Instead of blocking remote fonts globally and then allowing them per-site, you can automatically allow all 1st party fonts while blocking only 3rd party fonts. See the 'My filters tab' section below for more information. Novice users, or those that simply don't want to fool with filters for unblocking a 3rd party font needed for a given domain, may find it easier to set this to 'enabled' and then allow all remote fonts (1st and 3rd party) as needed from the uBO Dashboard.
5 - Enabling this option disables JavaScript globally by default and causes uBO to honor <noscript> HTML tags. A potential problem with this is that some page elements that might have been displayed had the <noscript> tags been ignored, may not display when this option is enabled. On the flip side, some websites may display a JavaScript disabled warning message which can be beneficial for novices. Also see Display website content hidden by JavaScript. For anyone concerned with their on-line privacy, JavaScript must be disabled globally, then allowed only for the websites where the functionality it provides is necessary. If you are following the advanced guide then you can either enable the 'Disable JavaScript' master switch in uBlock's settings, or block inline, 1st party and 3rd party scripts from the uBlock toolbar popup.
'Filter Lists' tab
| Filter lists: | |
| Auto-update filter lists | enabled |
| Suspend network activity until all filter lists are loaded | enabled |
| Parse and enforce cosmetic filters | disabled |
| Ignore generic cosmetic filters | enabled |
| Network filters: | |
| My filters | enabled |
| Built-in: | |
| uBlock filters | enabled |
| uBlock filters – Badware risks | enabled 1 |
| uBlock filters – Privacy | enabled |
| uBlock filters – Resource abuse | enabled |
| uBlock filters – Unbreak | enabled |
| Ads: | |
| AdGuard Base | disabled |
| AdGuard Mobile Ads | disabled 2 |
| EasyList | enabled |
| Privacy: | |
| AdGuard Tracking Protection | disabled |
| AdGuard URL Tracking Protection | enabled |
| Block Outsider Intrusion into LAN | enabled |
| EasyPrivacy | enabled |
| Malware domains: | |
| Online Malicious URL Blocklist | enabled |
| Phishing URL Blocklist | enabled |
| PUP Domains Blocklist | enabled |
| Annoyances: | |
| AdGuard Annoyances | enabled |
| AdGuard Social Media | disabled |
| Anti-Facebook List | disabled |
| EasyList Cookie | disabled 3 |
| Fanboy’s Annoyance | enabled |
| Fanboy’s Social | disabled |
| uBlock filters – Annoyances | enabled |
| Multipurpose: | |
| Dan Pollock’s hosts file | disabled |
| MVPS HOSTS | disabled |
| Peter Lowe’s Ad and tracking server list | enabled |
| Custom: | |
| Import... 4 | https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt |
| Import... 5 | https://raw.githubusercontent.com/DandelionSprout/adfilt/master/ClearURLs%20for%20uBo/clear_urls_uboified.txt |
Footnotes
1 - Optional for Linux users, highly suggested for non-technical Windows users
2 - Enable if using Firefox on a mobile device
3 - Enabling this list will hide a lot of those idiotic cookie notices however this list is already included in the Fanboy’s Annoyance.
4 - This list will shorten links - see here for further information
5 - This list eliminates the need for the Clear URLs add-on - for a description see this
Don't worry about the 'Regions, languages' section unless you browse sites in languages other than English in which case you'll want to enable those languages.
As of this writing you can find over 12 million filter lists on the FilterLists website, however i strongly advise you to be very careful about what ones you add, if any. In my experience the default filter lists offered by uBO are quite sufficient for general web browsing and adding more will use more memory, slow things down and potentially cause more conflicts and break more web pages.
'My filters' tab
You might wish to disable the 'Block remote fonts' option on the 'Settings' tab add the following to the 'My filters' settings instead. Depending on which line you uncomment (remove the ! ) you can allow all 1st party fonts while blocking all 3rd party fonts, or block all 3rd party fonts except for a single domain, or block all 3rd party fonts except for multiple domains. As written, the code below will allow all 1st party fonts while blocking all 3rd party fonts. All lines beginning with ! are comments and are not read by uBO. Only uncomment one line.
! >>> UNCOMMENT ONLY ONE LINE AND EDIT IT AS NECESSARY <<< ! uncomment the line below to allow 1st party fonts + block 3rd party fonts (default): *$font,third-party ! uncomment the line below to allow 1st party fonts + allow 3rd party fonts for a single domain (example.com): !*$font,third-party,domain=~example.com ! uncomment the line below to allow 1st party fonts + allow 3rd party fonts for multiple domains: !*$font,third-party,domain=~example.com|~example2.net
'My rules' tab settings
If you are following the Firefox Configuration Guide for Privacy Freaks and Performance Buffs or otherwise using uBO on its own, and you have enabled the 'I am an advanced user' setting, you can optionally replace the default behind-the-scene rules on the 'My rules' tab with the the following, however understand that these filters can break some websites for which you may need to add exceptions by using uBlock's logger feature:
no-large-media: behind-the-scene true behind-the-scene * 1p-script block behind-the-scene * 3p block behind-the-scene * 3p-frame block behind-the-scene * 3p-script block behind-the-scene * image noop behind-the-scene * inline-script block
If you are using the LocalCDN add-on you will need to add some rules to the 'My Rules' tab in the uBO Dashboard. The rules can be found in the preferences section of the LocalCDN add-on from where you will copy the rules specific to uBlock and paste them on a new, blank line in the 'Temporary rules' section of the 'My Rules' tab. Make sure to save and commit the changes. When adding the rules, be sure to remove any conflicting rules for the same domains if there are any (there won't be if you're starting fresh).
Dynamic filtering
If you are running uBO with the 'I am an advanced user' option enabled in order to activate dynamic filtering, i recommend setting the following rules in the 'Global rules' column of the popup interface:
NOTE: If you block 3rd-party globally or locally, uBO will not be able to update its filter lists until you create a 'noop' rule (allow) for the Filter Lists settings page which you can do from the dashboard pop-up interface while viewing that page.
Revisions
Click to expand...
1-Aug-2022
- set EasyList Cookie list to 'disabled' and edited the footnote to explain why
21-Mar-2022
- corrected an error where the URL for what was supposed to be the Clear URLs custom filter list pointed to the Legitimate URL Shortener list instead
- added correct URL for the 'Clear URLs for uBO' custom filter list
18-Feb-2022
- enable AdGuard URL Tracking Protection
- added
https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txtto Custom > Import - moved the 'Suspend network activity' setting to the 'Filter lists' table (thanks to commenter 'Xenthos' for pointing that out)
10-Feb-2022
- enabled Peter Lowe’s Ad and tracking server list
17-Dec-2021
- corrected some mistakes given the changes to the Firefox configuration guides
- updated filter list information - big thanks to 'Xenthos'
- changed the global dynamic filter settings in the 'Dynamic filtering' section
- edited the 'My filters tab' section to remove my personal filter
- changed 'Block remote fonts' setting in the 'Settings tab' section for advanced users and added a footnote
24-Nov-2021
- remove 'Prevent WebRTC from leaking local IP addresses' in 'Settings tab' table since it's no longer present
- removed 'Advanced guide settings, with uMatrix' column in 'Settings tab' table since uM is no longer developed
- removed all references to uMatrix
- removed the '
behind-the-scene * * block' filter from the 'My rules' tab settings section - added 'Block Outsider Intrusion into LAN' filter setting in the 'Filter Lists' tab section
- misc. edits
22-Sep-2021
- changed setting for WebRTC and updated the footnote - thanks to commenter 'black_mamba'
18-Sep-2021
- added a footnote regarding WebRTC
20-Mar-2021
- added the 'Uncloak canonical names' setting
- removed 'Fanboy’s Enhanced Tracking List' (thanks to 'tiger_man' for informing me of a change)
- minor edits
6-Jan-2021
- re-added the 'My filters tab' section with code to block all 3rd party fonts while allowing all 1st party fonts
- minor edits
4-Jan-2021
- several edits and a few changes to the 'Settings tab settings' section
- changed the value of the
behind-the-scene * imagefilter from 'block' to 'noop' in the 'My rules tab settings' section - minor edits
1-Dec-2020
- changed the setting for the 'Disable hyperlink auditing' option
24-Oct-2020
- fixed formatting and made minor change to the 'My rules tab settings' section
- added missing settings for 'images' and '3rd-party' rules
- rewrote the 'Dynamic filtering' section
- minor edits
23-Oct-2020
- edited information regarding remote fonts
- added a footnote for the 'Disable JavaScript' setting
- reversed order of change log items (newest first)
- minor edits
5-Sep-2020
- updated the information for the
behind-the-scenesrules\
30-Aug-2020
- updated 'Filter Lists tab settings' section - credit to reader '512Kb' for reminding me :)
- removed link: Blocking Web Fonts for Speed and Privacy | InfoSec
26-Jul-2020
- minor edit: expanded instructions for adding LocalCDN rules to uBO
5-Jul-2020
- edited unclear/incorrect information
- added a 4th column to the 'Settings tab' section for advanced users not following either of my guides and using uBlock Origin without uMatrix
- misc. minor edits
4-Jul-2020
- minor edits
1-Jul-2020
- corrected an error in the 'My rules tab settings' section - thanks to commenter 'Hash' for notifying me
6-Jun-2020
- removed information regarding the CSP (Content Security Policy) issue since this is fixed with Firefox v77
2-May-2020
- replaced reference to Decentraleyes with LocalCDN and added additional information
24-Apr-2020
- changed 'I am an advanced user' setting from 'enabled' to 'disabled' for the 'Advanced guide settings' - i don't know why i ever had this set to 'enabled', especially for those using uMatrix, which is the case in the advanced guide
- removed filter lists no longer included with newest version of uBO - thanks to 'theltalpha'
- minor edits
24-Mar-2020
- removed Adblock Warning Removal List (thank you 'someone')
7-Jan-2020
- updated filter list settings
- minor edits
1-Dec-2019
- removed
cnameAliasListfrom uBO settings (depreciated) - minor edits
22-Nov-2019
- changed value of
suspendTabsUntilReadyfromtruetoyes - separated settings according the Firefox guide being followed
- added a table of contents
- misc. edits
20-Nov-2019
- added info regarding
cnameAliasListoption
6-Nov-2019
- article first published
Comments
Note that both reader and my comments, while they may have been accurate at the time, might be inaccurate today. This is a highly dynamic environment so please verify the accuracy of comment content should you wish to utilize it. Failing that, ask me and i'll give it a crack.
in my experience, the general blocking of third-party fonts works very poorly and causes icons to no longer be displayed on various pages.
How about just adding this list instead?
# Third party fonts
https://fanboy.co.nz/fanboy-antifonts.txt
are you allowing 1st party fonts via the filter?
how does the fanboy list differ from blocking 3rd party? i would think that any less breakage with that list would be due to missing rules but i’m not familiar with filter syntax so i’m not really sure what he’s doing there
blocking 3rd and allowing 1st still breaks some sites (where web developers are too stupid to self-host their fonts), but not a lot for me personally – i tend to just mouse-over the broken characters to discover what they link to if i need to
Yes, allowing first party, only blocking third party, and as you wrote, it does indeed break some sites.
Maybe you’re right and it might be only the missing rules.
it’s an annoyance for sure and it’s the “modern” web dev that’s to blame, at least in part – one thing you can do is complain to the site owner, but i think the mass adoption of ad blockers is also putting a lot of pressure on devs to hopefully clean up their act but it may be too late for that
i think the web is going to split at some point between the corporate garbage and an “underground” web – of course this has already taken place with Tor, IPFS, etc., but it isn’t widely adopted… yet
i want to start to get on that bandwagon by converting this site to a static site (pure html and css) and, when it’s time, stick it on IPFS or some other P2P distributed infrastructure
you should look into this, those aren’t that ‘annoying’ :) https://forums.comodo.com/general-discussion-off-topic-anything-and-everything/extensions-t127841.0.html;msg914092#msg914092
wow, you’ve done some serious filtering there!
it’s not me…I’m not that good:) but I like how it works.
Thank you for the awesome guide. I am making the change to enabling the “I am an advanced user” option to leverage uBlock’s dynamic filtering.
I have set the “Global rules” for “inline scripts”, “1st-party scripts”, “3rd-party scripts”, “3rd-party frames”, but it is unclear to me if JS should still be disabled globally in “Settings” or if these 4 global rules in the dynamic filter does the same thing. In the case of dynamic filtering however, instead of flipping the Java Script switch on a per site basis for example you edit the dynamic rules instead. I hope I am making sense.
I suspect disabling JS globallly is not required anymore with those 4 dynamic rules set, i just want to do a sanity check.
> …it is unclear to me if JS should still be disabled globally in “Settings”…
no, the global rules you set will do the job
> I suspect disabling JS globallly is not required anymore with those 4 dynamic rules set
correct
> In the case of dynamic filtering however, instead of flipping the Java Script switch on a per site basis for example you edit the dynamic rules instead.
if you haven’t read the uBlock wiki, please do so
i’m a little confused by your question – you need not “edit” anything, you click the appropriate rule scope on the main pop-up
you’re at 12bytes.org, so if you want to allow scripts to run here, in the right column (local) you would click the gray box – if you wanted to allow other sites to run scripts from here, which there’s no reason to do, then you click the gray box in the left column (global)
> you need not “edit” anything, you click the appropriate rule scope on the main pop-up
That is what i meant by editing the dynamic rules yes.
Thank you for clarifying!
> I have set the “Global rules” for “inline scripts”, “1st-party scripts”, “3rd-party scripts”, “3rd-party frames”,
by that i assume you mean the corresponding boxes in the left (global) column are all red which is correct for a default-deny scenario
Hi.
Why do you suggest disabling cosmetic filtering?
“Parse and enforce cosmetic filters – disabled.
Ignore generic cosmetic filters – enabled.”
that’s just a suggestion – from what i understand cosmetic filtering adds substantial overhead to uBO and personally i don’t see any real benefit from it – in my case i block elements using CSS
“in my case i block elements using CSS”
Is it described somewhere in your instructions how to do this?
Firefox Tweaks and Fixes and Styles and Things
Thanks
May I ask if the version of this guide that still featured uMatrix is available to read somewhere?
sorry, it is not – uM isn’t really being worked on anymore
Yes I know, that’s not why I’m asking, I’m not even asking if you’re maintaining a separate version of this guide. I found it on the Wayback Machine.
I was just following this guide, as i had previously followed the Firefox privacy guide but it seems you have changed it since I last used it. Anyway I found that the dummy guide settings might need to be updated as some of those options come up with a triangle in uBlock stating out of date.
you just need to update the lists; settings > filter lists … then click the ‘update now’ button