Best Free Firefox Add-ons

Notice

This article is a constant Work In Progress. It will never be "finished", only a little bit longer than before. It is constantly updated with new add-ons as time goes on.

Some add-ons are listed only by name without any accompanying text at all. Those are placeholders that need finishing and have been put there to help the Editor's memory and to already publicize them without waiting for a description to be written. Please do not post comments about descriptionless add-ons needing their accompanying text.

Introduction

FirefoxFirefox is one of the most popular browsers today, competing neck-and-neck with Chrome. Its main strong points are that it's

  1. always up-to-date with the latest web technologies and security details;
  2. cross-platform;
  3. customizable and extendable with the famous add-on system that can give you features you can only dream of if you're using a different browser;
  4. open-source, meaning anyone can see the code, contribute to it (with moderation) and make their own derivatives.

Good news is always accompanied by bad news though. Recently, Mozilla has been publishing certain long-term plans that could destroy Firefox's reputation as the ultimate browser. It seems they want to cater to nobody but the most inexperienced computer users and they couldn't care less about what advanced users think. I've personally been in discussions with them and - like many other people - am appalled by how they defy all logic and common sense in order to justify some of their very backwards decisions.

As a result, I personally prefer using Palemoon. It's a Windows-only fork or derivative browser with a lot of unnecessary features and changes left out. It resembles the previous generation of Firefox versions, but with the modern code under the hood. It's also specifically designed to cater more to powerusers than beginners, as you can tell from its almost exclusively tech-savvy userbase. It has only one developer (Moonchild) at the moment, but that hasn't stopped it from staying up-to-date, being a perfect replacement for FF and steadily conquering a share of the browser market.

Throughout the rest of the article, I will only refer to Firefox for the sake of simplicity. However, it should be obvious that anything that works in Firefox will almost certainly work in any of its derivative browsers (Palemoon, Waterfox, etc) as well, so don't worry if you're using one of those.

Page Index
 
Discussion
Page 1. Security

NoScriptNoScript - The ultimate bodyguard for your Firefox!

NoScript selectively blocks active content like JavaScript, Flash, Java, etc on webpages, based on each element's domain of origin. It's the most effective way of keeping yourself safe from attacks and making sure spying eyes of 3rd parties are blindfolded.

On the downside, because it blocks everything that isn't whitelisted, it will also disrupt legitimate website features. Getting NoScript to work optimally takes some tinkering and trying for each individual website. It has a few helpful settings for that though, and whitelisting safe/required content is done very quickly and easily.

Domains and subdomains can be permanently or temporarily whitelisted or blacklisted. Furthermore, it also blocks certain forms of attack such as Cross-Site Scripting and what it calls "Clickjacking" (mouse clicks being intercepted by an invisible page element).

I've written a detailed and easy how-to that explains everything you need to know to get the most out of NoScript. I strongly suggest reading it if you're not overly familiar with the technical details of webpages.

RequestPolicy IconRequestPolicy - Block unwanted 3rd party content

RP lets you set up whitelist/blacklist rules to prevent pages from loading 3rd party content, along with one or two "default policy" rules. Such content includes scripts, images, video/audio, Flash gadgets, etc. The 0.5 interface is very similar to NoScript's (a dropdown with sub-dropdowns for each domain), while 1.0 beta has a new interface more like Self-Destructing Cookies'. The latter is slightly less appealing, but more adapted to the modernization of Firefox.

Both RP and NoScript block content by domain name, but NoScript focuses on blocking only scripts and preventing a few particular kinds of scripting attacks. RP simply removes any non-whitelisted 3rd (and 3rd only!) party content. The unwanted effect on legitimate page content that happens to be external is far greater, but it also blocks a great deal of ads and generally slowing/obnoxious content and scripts.

Secure Login IconSecure Login - Safer and easier logins

SL is an extension to FIrefox's own password manager. It prevents the regular auto-filling of login forms for security purposes, and can even protect the form from JavaScript snooping (which I have personally experienced). If you want to log in, you have to click the new toolbar icon. It will fill in the form and submit it right away, automating that part of the process. It seamlessly supports multiple accounts on the same website, can highlight detected forms and can play sounds upon detecting and submitting said forms.

HTTPS Everywhere IconHTTPS Everywhere - automatically switch to HTTPS/SSL when available

HTTPSE allows you to automatically redirect HTTP connections to an HTTPS connection if the requested website supports it. This much improves your browsing safety and privacy in return for a small impact on speed.

In order to perform this redirection, HTTPSE contains 2 sets of redirect rules: one maintained by the developer/community, and a personal one you can make yourself, given that you can write Regular Expressions. Rules in either list can be disabled when needed.

The add-on also cooperates with the SSL Observatory, an organization dedicated to overseeing SSL certificates and ensuring your browser doesn't get handed a fake one. You will see an infomercial image after the initial installation, but nothing else will ever pop up after that.

Note that this add-on is not hosted on the Mozilla Add-ons website, but on the developer's own site. This may affect automatic updating.

HTTPS Finder - supercharge HTTPS EverywhereHTTPS Finder Icon

In order to create your own HTTPSE rules, you need to know if your websites have SSL and you need to be able to write a RegExp rule to make it work. Quite inconvenient, isn't it? That's what HTTPS Finder is for: it automatically detects (and optionally redirects to) HTTPS on any website you visit, and offers to create the HTTPSE redirection rule for you. You can even use it without HTTPSE and just let it redirect you each time. What's the difference, you ask? According to my packet sniffer, HTTPSE intercepts even the first HTTP request and redirects it to HTTPS before the connection is made, whereas HTTPS Finder waits until you've achieved a non-secure connection first.

Please note that, at least for me, HTTPS Finder does not yet work in Firefox 24 as of September 24th 2013!

HTTPSF is also not hosted on the Mozilla Add-ons site but on the developer's Google Projects page.

HTTP Nowhere IconHTTP Nowhere - disable non-HTTPS traffic

Like it says on the tin, this add-on blocks all non-HTTPS traffic. Only secure HTTPS traffic is allowed to enter and leave Firefox, nearly waterproofing your security. Unfortunately, many websites simply do not support HTTPS, so be prepared to lose a lot of your daily browsing habits if you are intent on using this!

BetterPrivacy - Control Flash's cookies or LSOs.

Most Flash objects on webpages store data in a folder on your computer, not unlike how cookies are used. This data can be anything from benevolent configuration settings and game saves to malicious things such as tracking details.

The BP interface will show you a list of all stored LSOs and the domain they're associated with. For each one, you can choose if it should be protected from deletion within Firefox, deleted on the spot or simply ignored/handled as default. You'll also want to take a look at the settings on the 2nd tab, as they allow you to do things like deleting non-protected LSOs on exit/start.

While BP certainly achieves its practical goal of protecting and deleting Flash cookies, its clunky interface leaves much to be desired and development seems to have ceased.

Popular but Not Recommended

Beef TACO - Block tracking cookies by overriding them.

Beef TACO sets read-only cookies on various malicious domains. This prevents those websites from storing their own data in your browser and achieving their sinister/annoying goals, such as tracking you across the web. Target websites include trackers and social networks such as Facebook.

The problem with this approach is that TACO creates hundreds of cookies for malicious domains in advance. These cookies clutter up your cookie management interfaces and cannot be deleted in any way. In addition, because it uses a blacklist, it only works on domains the developer includes in the list.

Beef TACO is a fork of the original TACO by Abine, but the original is so bad I will not even link to it here. It's 1.5MB in size (Beef TACO is only 17KB and achieves the exact same thing) and is bloated with unnecessary graphics, almost as if wanting to give you trophies for ticking options.

Quick Selection Guide - Best Free Firefox Security Add-ons

NoScript
5
 
Gizmo's Freeware award as the best product in its class!

Is a web service or web application
Allows active content (scripts and plugins) to run only if permitted by user or automatic rule, very effective blocking of unwanted or unreliable content and tracking
Needs to be manually tuned to almost all websites you want to use (though the process gets quicker and easier over time)
http://noscript.net/
Unrestricted freeware
Firefox-based browser
BetterPrivacy
3
 
Is a web service or web application
easy to use, works well
development possibly ceased, clunky interface, doubtful usefulness
Unrestricted freeware
Firefox-based browser

 

Editor

This software review is copy-edited by Glyn Burgess. Please help edit and improve this article by clicking here.

 

Tags

firefox add-ons, firefox extensions, free browser add-ons, best free add-ons, open-source, Mozilla Firefox add-ons

Back to the Page Index.

Share this
3.90909
Average: 3.9 (44 votes)
Your rating: None

Comments

by Paxmilitaris on 19. November 2014 - 1:46  (119699)

I know nothing of SecureLogin, i've been using LastPass for years.

Have you tested Cookie Controller?
https://addons.mozilla.org/en-US/firefox/addon/cookie-controller/

I think it's the same in firefox, but in palemoon flashblock is pretty much useless as the flash plugin itself can be set to Ask to activate.

This one Download Flash and Video pretty much always works.
https://addons.mozilla.org/en-US/firefox/addon/download-flash-and-video/...
For Youtube i use the feature of SmartVideo for Youtube and there's also SaveFrom.net when i'm not using my own Palemoon browser. I used to use DownThemall and DownloadHelper, but they aren't necessary anymore.

I like Stylish, it's just a bit hard to find styles that do what i want.

Palemoon commander, yes!

I also always have Mozilla Archive Format and FEBE.

by Aninnymous on 20. August 2014 - 15:07  (118089)

Ghostery, AdBlockEdge & AdBlockPlus (with proper config) are all roughly equal in ability to protect privacy. Disconnect comes in at a distant 4th.

[There is an obvious opt-out choice for anonymous reporting to Ghostery - I don't see any issue unless you don't pay attention and you SHOULD pay attention when installing software.] You need to do your homework when you configure AND UPDATE these add-ons; the default settings are NOT usually the best.

All according to this useful continuous testing site:

http://www.areweprivateyet.com/

which also helps you to configure the add-ons properly.

If you browse widely to 'new' urls on a continuous basis, NoScript is a royal pain in the butt.

by vin100 on 14. September 2013 - 18:09  (110708)

1/ Adblock has some deal with advertising company, I recommand the fork Adblock Edge
2/ Some website are blocking you if Adblock is enabled.
A Greasemonkey script removes many protections used on some website that force the user to disable the AdBlocker
Anti-AdBlock Killer : http://userscripts.org/scripts/show/155840

by Faziri on 23. September 2013 - 11:20  (110946)

Do you have anything to back up your claim in #1? I've compared ABP to ABE and don't notice any improvement or other advantage. I can hardly imagine there being any bias in ABP if you use custom filters either, what's a deal with an ad company supposed to impact? It's also a fork of the original, which to me is a caution bell signaling reduced app quality.

I'm a bit reluctant to post that script from #2 because it's not an add-on and it's only site-specific... It'll never be a comprehensive solution.

Thanks for the reply though.

by vin100 on 23. September 2013 - 14:25  (110952)

For #1 you'll find information for example here https://news.ycombinator.com/item?id=5995140

For #2 It's not site specific. It's specific to all website tracking adblock users

by Faziri on 23. September 2013 - 14:33  (110953)

#2 actually, it is. :)
"However, this script is not a universal remedy for all anti-adblock protection. this is why I am counting on all user for my report."
There's also the "Supported Sites" section.

Yes, it does target 4 particular, popular anti-AB scripts websites use. But that does not make it specific to all websites blocking adblock, only to the specific sites that have been reported so far + the sites that use those 4 particular scripts. It's kind of the same problem as with ABP's EasyList: 9 bazillion filters of which you'll only use 5, and those 5 will only be 1% of your browsing habits.

Either way, this article really isn't for GM scripts. Supporting a section for those would make this article far too large to maintain.

by jumba on 13. September 2013 - 5:28  (110685)

Some add-on suggestions for the editor

Page 1: Security
Secure Login

Page 3: Privacy
Disconnect
No Cookie for Google search

Page 4. Adblocking
SimpleBlock
Silent Block

Page 5: Downloading
Download Panel Tweaker
OpenDownload2

Maybe more categories, e.g.
-utilities/tools like FireFTP
-Photos, Music & Videos like ImageTweak, YouTube Grid View
-firefox customization like Tab Mix Plus, Location Bar Enhancer etc.
-performance like Local Load, Tweak Network
-advanced config like Pale Moon Commander, Configuration Mania, Config Descriptions

by Faziri on 13. September 2013 - 7:48  (110686)

Very nice suggestions! :) I love how I already use half of those add-ons, I hadn't even thought of them yet xD

by godel on 12. September 2013 - 23:33  (110683)

Flagfox.

It could either go in section 9 or section 2.

It displays a small country flag at the right hand side of your address bar, showing the country that the web server is located in. When you hover your mouse pointer over the flag it displays the server's name, IP address and name of the country of origin.

BTW, you should warn users of Ghostery not to agree to the information collection part of Ghostery. You're just replacing one set of spies with another, the Ghostery company itself.

by Faziri on 12. September 2013 - 23:50  (110684)

Flagfox is already in there, waiting for a details paragraph.

I'll add that, thanks.

by pratomorone on 12. September 2013 - 13:13  (110671)

"Anyone can make there own, incredibly useful, easy to use, takes up very little room, for me reliable."

There? How about their?

by Faziri on 12. September 2013 - 14:47  (110673)

That's from the previous editor :) I'm only at page 5 at the moment, page 5 and every page after it still needs to be cleaned up and revised.

by oblivion on 11. September 2013 - 13:41  (110654)

Not much listed under download managers: my favourite of the genre is DownThemAll (http://www.downthemall.net/)

There's also a tiny extension called OpenDownload which simply adds the option to open a download from the usual "save" dialogue. Obviously, the rationale for NOT having the "run" option in that dialogue in Firefox is security, so the use of this extension has its risks.

http://home.arcor.de/der_tuxman/ext/OpenDownload/index.htm

There's a heading for it on the Forms page but no detail yet: Lazarus, to be found at http://getlazarus.com/

Lazarus is a safety net. It remembers what you've typed into a webform so, if something goes wrong or you lose what you've typed, it'll have quietly remembered what you did and offer to put it back for you. I commend it to your attention :)

by Faziri on 11. September 2013 - 14:06  (110655)

DTA was already in there. The section as a whole is quite empty because the article is a WIP and because download manager add-ons are not something I've used often yet. I also avoid add-ons I believe to be too dumbed-down or case-specific, such as Youtube MP3 converters and such.

OpenDownload is a nice suggestion, thanks. I'm an opponent of boxing users into cages under the false motto of protection and security, like Mozilla is trying to do. Installed already and loving it.

And yes, I'm familiar with Lazarus, that's why I put it there: so I can work on it when I get to that section. Textarea Cache does something similar, but of course only on textareas. Handy to rescue WIP forum posts without revealing possibly sensitive form info.

:)

Gizmo's Freeware is Recruiting!

Gizmos Needs YouShare your knowledge of free software with millions of Gizmo's readers by joining our editing team.  Details here.