The latest Firefox STIG leaves out important details and lists settings that no longer exist. It took a few hours to get this config file to work with settings that are actually still available in 59.01. For reference, see: http://kb.mozillazine.org/About:config

Note that I use Notepad++ on Windows to avoid formatting issues with notepad.exe. Do yourself a favor and download the latest at https://notepad-plus-plus.org/

1) Create a file named local-settings.js and add one line. Using Notepad++, you can save it as a proper JavaScript file (.js):

2) Place local-settings.js file in the following locations depending on whether you have x32 or x64 bit Firefox:

For x64 bit:
C:\Program Files\Mozilla Firefox\defaults\pref

For x32 bit:
C:\Program Files (x86)\Mozilla Firefox\defaults\pref

3) Create a file called mozilla.txt. Add the text below (everything under contents of mozilla.txt staring with //Firefox). Launch a browser (Chrome, IE, Opera) and browse to:


4) In the middle of the page, under Upload mozilla.txt to get mozilla.cfg (byteshift 13), click browse, and select your mozilla.txt file. Next, click Convert mozilla.txt to mozilla.cfg, and save the file when prompted.

5) Place the mozilla.cfg file into the root of the Firefox directory as show below.

For x64 bit:
C:\Program Files\Mozilla Firefox\

For x32 bit:
C:\Program Files (x86)\Mozilla Firefox\

6) Start Firefox. In the Location bar, enter about:config. Click I accept the risk. At the top of the page in the center, click Status to sort the status of the settings. All of the locked settings should be italicized with a status of locked.

Contents of mozilla.txt:

//Firefox settings that work from Mozilla_Firefox_V4R20 as of Firefox 59.01 March 2018
lockPref(“security.default_personal_cert”, “Ask Every Time”);
lockPref(“network.protocol-handler.external.shell”, false);
lockPref(“plugin.disable_full_page_plugin_for_types”, “application/pdf,application/doc,application/xls,application/bat,application/ppt,application/mdb,application/mde,application/fdf,application/xfdf,application/lsl,application/lso,application/lss,application/iqy,application/rqy,application/xlk,application/pot,application/pps,application/dot,application/wbk,application/ps,application/eps,application/wch,application/wcm,application/wbi,application/wb1,application/wb3,application/rtf,application/wch,application/wcm,application/ad,application/adp,application/xlt,application/dos,application/wks”);
lockPref(“browser.formfill.enable”, false);
lockPref(“signon.autofillForms”, false);
lockPref(“signon.autofillForms.http”, false);
lockPref(“signon.rememberSignons”, false);
lockPref(“dom.disable_window_open_feature.status”, true);
lockPref(“dom.disable_window_move_resize”, true);
lockPref(“security.tls.version.min”, 2);
lockPref(“security.tls.version.max”, 3);
lockPref(“dom.disable_window_flip”, true);
lockPref(“dom.event.contextmenu.enabled”, false);
lockPref(“dom.disable_window_open_feature.status”, true);
lockPref(“app.update.enabled”, false);
lockPref(“extensions.update.enabled”, false);
lockPref(“browser.search.update”, false);
lockPref(“datareporting.policy.dataSubmissionEnabled”, false);

7) Click the link below for a copy of the files. The zip has a converted mozilla.cfg, the source mozilla.txt, local-settings.js and a README file.