Important Web Browser Security Information

In this tutorial, we cover important security information about web browsers that contribute to overall web security …

WordPress Security TutorialsThis tutorial is part of our tutorial series on WordPress Security. In this tutorial, we cover important security information about web browsers that contribute to overall web security.

***

Important Web Browser Security Information

In the previous section of this tutorial we showed you how to configure your browser settings. In this section, you will learn general browser security tips to ensure a safe browsing experience. The suggestions shown in this section can be implemented at no cost.

Note: In the tutorial examples below Firefox is used as the main browser. All major browsers have similar features, and a link to their browser support pages is provided in the ‘References’ section at the end of this tutorial.

Browser Security

Keep Your Browser Up-To-Date

Like all other aspects of the security “cat and mouse” game, hackers are constantly searching for new vulnerabilities and weaknesses in browsers that they can exploit and browser companies are constantly releasing updates to fix these issues.

Running the latest version of your browser ensures that you have the latest security technology.

You can check the latest version of Firefox by going to ‘Firefox’ > ‘Help’ > ‘About Firefox’ …

Browser Security

The ‘About Mozilla Firefox’ screen will display your current version and whether there is a new version update …

Browser Security

Important

By default, Firefox is set to automatically update itself but you can configure Firefox to do manual updates.

To change the setting for Firefox browser updates, go to ‘Options’ > ‘Update’ tab and select an option other than the automatic updates …

Browser Security

Note: If you want to change from automatic to manual Firefox updates, we recommend choosing the option of letting Firefox ask you whether to install new updates, instead of choosing “no” updates, which would create a security risk.

TipBefore upgrading your browser to the latest version, it’s a good idea to run a search online to see if there are any problems with the new version (e.g. conflicts and incompatibilities). Simply type in “your browser name + version number + problem” (e.g. “Firefox 27 problem”) into your search field …

Browser Security

To learn more about updating your browser, visit the browser help pages below:

Be Careful When Using Browser Plug-ins

Plug-ins are small, downloadable programs that add functionality to your browser. When you visit a website, you may receive a message on your screen informing you that, in order to view features on the site, you have to download and install a browser “plug-in.”

Think about the following before clicking on the install button:

  • Any software that you install may need to be updated, and could contain security vulnerabilities.
  • Is the plug-in from a trusted or trustworthy site? If you don’t know or aren’t sure, don’t click.
  • Is the plug-in really necessary? The fewer plug-ins you have installed in your browser, the safer your browser will be and the better the performance.

Check That Your Browser And Plug-ins Are Safe And Up-To-Date

Keeping your browser and plug-ins up-to-date and ensuring that all components are safe is vitally important to your overall online security.

Qualys, a leading provider of information security solutions has developed a free browser checking tool called “BrowserCheck” that lets you easily and quickly scan your browsers, plugins, security settings, and patches to identify common security issues …

Qualys Browser Check

To use BrowserCheck, click on the ‘Install Plugin’ button …

Browser Security

Depending on your security settings, you may have to allow Firefox to install the plugin …

Qualys Browser Check

Install the plug-in …

Qualys Browser Check

You will need to restart Firefox for the plugin to work …

Qualys Browser Check

After restarting Firefox, go to ‘Tools’ > ‘Qualys BrowserCheck’ …

Qualys Browser Check

The tool will automatically perform a security analysis of your browser and plug-ins looking for vulnerabilities and allowing you to fix any issues it finds …

Qualys Browser Check

Note: You can also turn automatic scans for this plug-in on or off from the screen (see screenshot above).

If you don’t want to install the plug-in, you can just perform an online scan …

Browser Security

An onscreen report will present you with the results of your scan and allow you to fix any issues it finds …

Qualys Browser Check

For more information about the Qualys browser checking tool, visit the site below:

Block Pop-Ups From Displaying On Your Browser

Pop-up windows, or pop-ups, are browser windows that appear automatically without your permission. Pop-ups can vary in size from small to large windows and some can even cover your whole screen. Some pop-ups open on top of your current browser window, while others appear underneath them (called pop-unders).

Unless you have a reason to allow pop-ups to display on your browser, it’s best to set your browser to block pop-ups from websites and advertisements. This will minimize spyware and the chances of clicking on ads that load malware onto your computer.

Useful Info

Many malicious sites use pop-ups that look very similar to the warning messages used by your operating system to warn you about issues …

Browser Security

Avoid clicking on these pop-ups. They are ads disguised as help windows, and will usually install spyware or malware on your computer. Close these ads by clicking on the X in the top right corner of the window.

Blocking Pop-up Windows

In Firefox, pop-up blocking is turned on by default, so you don’t need to enable it to prevent pop-ups from appearing, as shown in the screenshot below …

Browser Security

If you want to control both pop-ups and pop-unders, then go to the ‘Options’ > ‘Content’ tab and enable/disable the checkbox in the ‘Block pop-up’ windows’ section …

Browser Security

Notes:

  • Blocking pop-ups may interfere with some websites: Some websites, including some banking sites, use pop-ups for important features. Blocking all pop-ups disables such features. To allow specific websites to use pop-ups, while blocking all others, you can add specific websites to the list of allowed sites in Firefox.
  • Blocking pop-ups doesn’t always work: Although Firefox blocks most pop-ups, some websites may show pop-ups using uncovered methods, even when blocked.

To learn more about blocking pop-ups in Firefox, visit the Firefox help section below:

In Google Chrome, you can configure settings for blocking pop-ups by clicking the menu icon on the browser toolbar, and selecting ‘Settings’ …

Browser Security

Click on ‘Show advanced settings’ …

Browser Security

Scroll down to the ‘Privacy’ section and click on the ‘Content settings’ button …

Browser Security

Scroll down the page to the ‘Pop-ups’ section and configure your settings …

Browser Security

To learn more about blocking pop-ups in Google Chrome, visit the Google Chrome help section below:

Tip

You can test the effectiveness of your popup blocking browser settings and tools by visiting a site like PopupTest.com and running some of their tests …

PopupTest.com

Disable Scripts And Active Content

Set your browser to prompt you whenever Javascript, Java or ActiveX controls are executed on a Web site. Malicious code can sometimes be hidden in these functions. Be sure that the site you’re visiting is trustworthy before enabling the content.

To learn more about enabling / disabling Javascript in your browser, visit the site below:

Consider Using Web Of Trust (WOT)

The Web Of Trust is a safe browsing tool that warns you of potentially dangerous websites …

WOT

WOT is a free community-powered website reputation service that tells you which websites you can trust based on other users’ experiences. It protects you from threats that only humans can spot, such as scams, phishing, and bad online shopping experiences.

WOT is an add-on application that installs on your Firefox browser. When you do a Google search, a circular indicator will appear next to each search result that has been rated by the service …

Qualys Browser Check

Red indicates a site that is probably dangerous, yellow a potentially dangerous site, and green a site that is probably safe to use. Once you’ve logged in to a website, the same indicator appears in the title bar of the browser …

Web Of Trust

WOT ratings are based on ratings by members of the online community. While the information is not authoritative, it can provide useful information about websites, especially by providing an early warning of sites to avoid …

Web Of Trust

For more information about Web Of Trust, visit the site below:

Browser Security

This is the end of this section. In the next section, we review additional web browser security tips. To continue, click on the link below:

See also …

References

***

"This is an awesome training series. I have a pretty good understanding of WordPress already, but this is helping me to move somewhere from intermediate to advanced user!" - Kim Lednum