How to do secure browsing and have the best browser security

Of all the threats out there, browser security is often forgotten.

This is tragic because browsers are a favorite target for malicious hackers. They’re the main way you interact with the Internet. You Google things, you visit blogs, buy online, pay your bills or browse Facebook.

In a nutshell

Step 1: Deactivate Flash, ActiveX and, if possible, Javascript.

Step 2: Install an adblocker like uBlock Origin or AdBlock Plus to avoid all ads and whitelist sparingly

Step 4: Use tools like Disconnect, Ghostery or Privacy Badger to stop advertisers from tracking you

Step 5: Use HTTPS Everywhere to encrypt your data for secure browsing

Browser security is essential for keeping your information safe.

Your browser is the window to the internet and also the first line of defense against malware threats. Some small tweaks to your browser security settings are all that you need to make your time online that much safer.

Here’s what you can learn to do by the end of the article:

  • How to keep advertisers from tracking you
  • How to stop your browser from automatically downloading malware
  • Block pop-ups and ads
  • How to avoid unsafe websites

Browser security features and their security vulnerabilities

Browsers use many tools for various tasks, such as Java, Flash Player, ActiveX, etc. But these often come with downsides for secure browsing. Cybercriminals will exploit any and all vulnerabilities to get access to your PC. A quick rundown of these tools will help you figure out if you need them or not.

Deactivate ActiveX.

A browser add-on that comes preinstalled on Internet Explorer or Microsoft Edge and only works with these browsers. ActiveX acts as a middleman between your PC and Java/Flash-based interactions in certain sites. This creates security problems by giving malicious websites a window into your PC. What’s more, ActiveX is rarely used nowadays, so be on your guard if a site asks you to install it.

Only accept the installation if you are 150% sure that site is trustworthy and will not impact your browser security.

Try to disable JavaScript.

JavaScript is a programming language used by websites to run various programs and features. Sites such as YouTube or Google Docs need it to function, but so do advertising, pop-up software and a whole host of other spammy elements from the internet.

Cybercriminals use JavaScript in malicious ways in order to infect your device with malware and other harmful software. If you disable JavaScript altogether you will get a much quicker, simplified and secure browsing experience.

No Javascript offers little to no ads, pop-ups, greatly improved page load times and generally a cleaner Internet experience at the cost of specialized tools such as Google Docs or YouTube.This doesn’t need to be as drastic as it sounds. You can always whitelist, aka give permission to certain sites to run JavaScript.

Delete Cookies.

These are small data files stored on your browser. Websites use cookies in order to remember your accounts and passwords, browsing history and to track user behavior on their site.
Because of the information they contain, cookies are prime targets for cybercriminals. Doubly so for the ones that contain emails, account names, and passwords.
When you disable and clear cookies you cut down on the personal data cybercriminals can obtain.
One thing you will want to keep in mind is that there are two types of cookies:

  1. First party and third party cookies.
    First party cookies are placed by the site you visit, for instance, you get a first party cookie by cnn.com while visiting cnn.com.
  2. Third-party cookies are placed by other sites.
    You get a cookie from amazon.com while visiting cnn.com.

Third party cookies are almost always placed on your computer by advertisers or marketers interested in tracking your movement online, so nothing bad will happen if you block them.

Remove browser extensions and add-ons

Add extra functionality to your browser such as ad blocking or search bars. However, these add-ons pose a security risk, since they can open up windows into your PC which can be exploited to inject malware.

Browser Security Settings for Chrome, Firefox, Internet Explorer and Microsoft Edge

While no single setting can make your browser 100% safe, the ones we are proposing will go a long way into protecting you from a majority of cyber attacks.

Secure Browsing for Internet Explorer

First, access the Tools icon in the top right corner and then go to “Safety”. Here you have the most useful shortcuts.

ie1

A nifty trick is the InPrivate browsing, similar to Chrome’s browser Incognito mode. If you use InPrivate Browsing, data like passwords or search and page history will be deleted automatically when you close the tab. This will help you against prying eyes like coworkers sharing your PC, spouses trying to see what you’re planning to purchase and so on. It’s also useful if you use someone else’s PC and don’t want to affect their browsing history.

To do this, right-select the Internet Explorer icon on the taskbar and pick Start InPrivate Browsing.

ie2

But let’s visit Tools again.

Here you can see 4 internet zones, the “Internet” security zone contains all the websites that are not in the “Trusted/Restricted sites” zone, meaning 99,999999% of the internet. For this zone, it’s best if you change the security level from Medium to High.

A side effect of selecting “High” is that features such as flash pages or ActiveX scripts might be disabled on certain pages.

If you want a more hands-on approach to browser security, press the “Custom Level” button and select what features you want to enable/disable.

In the “Trusted sites” zone you can include websites that you know for sure are risk-free so you can select a lower security setting that enables all the features of a site.

ie3

In the “Restricted sites” zone, you can write down websites you know are dangerous. This way, Internet Explorer can apply the maximum security settings while on the page.

ie4

Right next to the “Security” tab you will find the “Privacy” settings.

ie5

In here you will find settings related to Cookies. As we’ve said above, these remember personal information such as account names, emails, and passwords and more. Click the “Advanced” button.

In this area, you can find two columns, first-party cookies, and third-party cookies.

Session cookies are used on the same site to track the information from one page to another. On internet commerce websites, for instance, session cookies are used to track your order from one page to the next until the moment you check out.

Our recommended setting is to block both first party and third party cookies while disabling session cookies, unless you frequently use sites that need them to function properly.

Now press the “Sites” button and go to this menu.

ir6

Here you can write down what websites you allow to store or block cookies.

The last setting you should change in Internet Explorer can be found on the “Advanced” tab.

ir7

Scroll down on the list until you find “Enable third-party browser extensions*” and uncheck it. This will disable any browser extensions you may have, which is a good idea from a security perspective. Many of them have been known to secretly track a user’s behavior. They also openup potential security vulnerabilities.

 

Firefox hacks and tips for better browser security

If you use Mozilla Firefox and haven’t upgraded yet, we highly recommend you do. Firefox has a pledge to help users against tracking and has pledged its support to privacy. Firefox 57 Quantum brought a visual update to the classic browser. It also says it’s twice as fast as versions from the previous year, being optimized for modern processors.

If you want to edit your Firefox privacy settings, you can click on the top right icon. Or you can simply open a new tab and paste this address about:preferences#privacy.

f1

So let’s see how you can secure your online browsing with Firefox. This guide applies to both the newest and previous Firefox versions, the interface did not receive a major overhaul.

f2

In the “General” ta of the Downloads section, press “Always ask me where to save files”. This way, you won’t have a web location try to automatically save dangerous content to your computer. At the same time, this gives you the option to place suspicious content in a safe location where you can analyze it afterward.

f3

Next, go to the Privacy tab.

At the “Tracking” section press the blue text with “manage your Do Not Track settings”. Check “Always apply do not track”. After doing this, advertising, commerce and various other sites shouldn’t be able to track you across the web.

f4

While in the Privacy tab, at the “History” section, choose “Firefox will never remember history”. This is especially important if you know your device may be used by other people.

Of course, you can always use Firefox Private Browsing with Tracking Protection. Either visit the top right menu and select New Private Window or use the Ctrl+Shift+P keyboard shortcut.

f5

If you want to have the same features and a better control of your history section, without Firefox Private Browsing, do this:

f6

Check “Always use private browsing mode” so every time you close your Firefox browser it will clear browsing history, search results, cookies and download history.

The last changes you should make in Firefox can be found in the “Security” category.

f7

First, make sure all of the four checkboxes in the General section are checked in. This ensures that your browser will inform you whenever websites try to install malicious add-ons and other content.

In the “Logins” section you can set up a Master Password. Doing this is especially useful when multiple people have access to the computer since it asks you introduce a master password before you can access logins.

This way, other people won’t be able to access your important accounts such as email. Once more, we cannot recommend this enough, but don’t let your browser remember your passwords.

f8

 

Google Chrome tips and hacks for better browser security

First off, use the Chrome Cleanup Tool to scan and remove software that interferes with Chrome’s processes. It can clean-up toolbars, weird ads and random crashes.

To improve your Chrome browser security settings, go to the Settings area. It can be accessed in the top right corner of the browser.

c1

If you are logged into Chrome, under the “Sign in” section you will see an option named “Set up sync…” which will take you to a list of options.

c2

In the Encryption section, you can find “Encrypt all synced data with your own passphrase.” This is a nifty setting since it functions as a double password. If a malicious hacker learns your account info and password, they won’t be able to sync your search history, bookmarks, and login information until they enter the passphrase.

After you’re done setting up a passphrase, go to the bottom of the Settings page, where you can find a blue text that says “Show advanced settings…”. Click this to reveal more options.

c3

In the Privacy section, check the option to “Send a “Do Not Track” request with your browsing traffic”. Normally, this should prevent sites from tracking your activity on the web. However numerous loopholes exist in the browser and they allow a majority of websites to bypass this. Nevertheless, every bit of anonymity counts when you want to do secure browsing.

In the password section, we recommend you uncheck both “Enable autofill” and “Offer to save your web passwords.” While it can be a hassle to write down this information every time, browser security best practices dictate you to say no to Autofill passwords.

In the Privacy section, you can find the “Content settings…” button. This will take you to a whole host of options that concern your privacy and anonymity on the web.

c4

In the Cookies section, select “Keep local data only until you quit your browser”. If you are willing to cope with a loss in web browsing usability, you can select the “Block sites from setting any data” option. Lastly, we strongly recommend you check the “Block third-party cookies and site data” to enjoy secure browsing without advertisers and potential cybercriminals tracking you on the web.

We suggest you also check the “Do not allow any site to run JavaScript”. Read the JavaScript section so you know what functionality you might lose, but also what benefits you will gain.

In the Plugin section, you can select the “Let me choose when to run plugin content”. This will give you more control over plugins and stop an infected plugin to pass the malware on your PC.

c5

In the “Downloads” section, check the option to “Ask where to save each file before downloading”.

c6

Doing this will prevent a lot of malicious software from downloading itself automatically to your computer. It also gives you a greater sense of control of what gets on your PC.

We also recommend increasing security for Chrome by enabling Site isolation in your browser. It offers additional protection against some types of security bugs. You can do this by following the basic steps described in Google Chrome Help.

 

Microsoft Edge browser security tips and tricks

For Microsoft Edge, press the three-dot menu icon in the top right corner and select “Settings”. At the bottom of the menu, you will find the “View advanced settings” button.

ee1

Flash Player is a favorite hacking target for cybercriminals because of its numerous vulnerabilities. It’s a good idea if you disable it altogether. Some website features and pages might stop working. On the upside, so will spammy and annoying page elements.

At the “Downloads” section, make sure the “Ask me what to do with each download” option is selected. This browser security feature prevents the browser from automatically downloading malware or other potentially dangerous software onto your PC.

In the “Privacy and security” section, deselect the “Offer to save passwords” and “Save form entries”. For secure browsing, it is of critical importance to close any possibilities cybercriminals might have of getting their hands on your valuable accounts, passwords, and personal information.

Author: ANA DASCALESCU

https://heimdalsecurity.com/blog/ultimate-guide-secure-online-browsing/

 

 

 

 

Got a question or improvement? Leave a comment!

Current ye@r *