Set Internet Explorer and Firefox to maximize your security

Make sure your browser is as safe as possible by tweaking its default security settings.

Modern browsers are much better than their predecessors at keeping your Web activity private and your data safe. Still, you may not have your browser configured to provide optimum security. Take a few minutes to give Internet Explorer 7 and Firefox 2 a safety check.

Batten down IE7's hatches
The version of IE7 for Vista adds the Protected Mode, which allows Web sites to access only the Temporary Internet Files folder on your PC. According to Microsoft, this feature is on by default for the Internet, Intranet, and Restricted zones, but disabled for the Trusted Sites and Local Machine zones. On my machine it was enabled for all zones. You'll see "Protected Mode: On" in the status bar when it's active, or click Tools > Internet Options > Security, and make sure "Enable Protected Mode (requires restarting Internet Explorer)" is checked at the bottom of each zone.

The Security section of IE7 for Vista's options
Maximize security in IE7 for Vista by making sure Protected Mode is enabled. Microsoft

There have been some reports of Protected Mode causing problems, so if a particular page won't load or run correctly, disabling this feature may solve the glitch, though I don't recommend keeping Protected Mode off. The Web's not getting any safer, and you need all the protection you can get.

Another great new feature in IE7--for XP and Vista alike--is the Phishing Filter. Why the filter is off by default I'll never know. To activate it, click Tools > Phishing Filter > Turn On Automatic Website Checking > OK. Unfortunately, choosing Tools > Phishing Filter > Phishing Filter Settings merely opens the Advanced Internet Options dialog box, where you can scroll down to the Phishing Filter section under Security, only to find that your only two options are to disable the filter, and to "turn off automatic website checking." But while you're in the Advanced Options settings, make sure "Automatically check for Internet Explorer updates" is checked in the Browsing section. Click OK when you're done.

Get into the habit of covering your browsing tracks on a regular basis. In IE7 you can wipe out your browser history, Temporary Internet Files, cookies, saved form data, and saved passwords at one time by clicking Tools > Delete Browsing History > Delete All. Or erase each category separately by clicking the appropriate button in the Delete Browsing History dialog box.

Internet Explorer 7's Delete Browsing History dialog box
Wipe your browser's history clean by clicking Delete All in IE7's Delete Browsing History dialog, or clear each category separately. Microsoft

Stay safe while browsing with Firefox
Just because Mozilla's open-source browser has a reputation for security doesn't mean you can use it to visit any site on the Web without a care in the world. Last month I described NoScript , a free Firefox add-on (donationware, actually) that lets you decide which scripts can run on which Web pages on a case-by-case basis. If you use Firefox regularly and you haven't added NoScript, download and install it, and in no time you'll wonder how you ever browsed without it.

There's another simple step you can take to improve Firefox's security: Make sure you have the browser set to update automatically. The current version is 2.0.0.12; to check your copy's version, click Help > About Mozilla Firefox, and look for the version number under the product's name. To verify that the program updates automatically, click Tools > Options > Advanced > Updates, and make sure Firefox is checked under "Automatically check for updates to." You may also want to check "Automatically download and install the update" under "When updates to Firefox are found." I also check "Installed Add-ons" under the former, and "Warn me if this will disable any of my add-ons" under the latter.

Mozilla Firefox's update settings in the Advanced Options dialog box
Set Firefox to check for updates automatically via the Advanced Options dialog box. Mozilla Foundation

Not long ago an attempt was made to spoof Firefox's address bar to fool people into thinking they were on a site other than the one they were actually visiting when a link opened in a new window. The simplest way to avoid this is by setting Firefox to open links in a new tab rather than a new window: Click Tools > Options > Tabs, and make sure "A new tab" is selected under "New pages should be opened in." You can also disable this feature by typing about:config in the address bar, pressing Enter, navigating to dom.disable_window_open_feature.location, and double-clicking it to change it to "true".

Web sites often know the page you were on before you opened one of their pages. To block this referrer header, type about:config in the address bar, press Enter, navigate to network.http.sendRefererHeader, double-click it, and set the integer value to 0.

Tomorrow: Get your Office docs online with Office Live Workspace.

About the author

    Dennis O'Reilly began writing about workplace technology as an editor for Ziff-Davis' Computer Select, back when CDs were new-fangled, and IBM's PC XT was wowing the crowds at Comdex. He spent more than seven years running PC World's award-winning Here's How section, beginning in 2000. O'Reilly has written about everything from web search to PC security to Microsoft Excel customizations. Along with designing, building, and managing several different web sites, Dennis created the Travel Reference Library, a database of travel guidebook reviews that was converted to the web in 1996 and operated through 2000.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    Up for a challenge?

    Put yourself to the real tech test by building your own virtual-reality headset with a few household items.