Friday 29 August 2014

Allow access to only one website with Firefox browser

What:

Firefox Web Browser on Windows or Linux machine

Problem:

You want to allow users to access only one specific websites with Firefox.

Solution:

Solution for Windows

The trick here is to use a proxy server (doesn't have to be a real one) and skip proxy for a website we want to allow access to.

1. Navigate to "C:\Program Files (x86)\Mozilla Firefox\defaults\pref"
2. Create new file local-settings.js
3. Open it in notepad and paste the following content
pref("general.config.obscure_value", 0); // only needed if you do not want to obscure the content with ROT-13
pref("general.config.filename", "mozilla.cfg");
Save & exit
4. Navigate to "C:\Program Files (x86)\Mozilla Firefox"
5. Create new file mozilla.cfg
6. Open it in notepad and paste the following content
lockPref("network.proxy.backup.ftp", "");
lockPref("network.proxy.backup.ftp_port", 0);
lockPref("network.proxy.backup.socks", "");
lockPref("network.proxy.backup.socks_port", 0);
lockPref("network.proxy.backup.ssl", "");
lockPref("network.proxy.backup.ssl_port", 0);
lockPref("network.proxy.ftp", "localhost");
lockPref("network.proxy.ftp_port", 1);
lockPref("network.proxy.http", "localhost");
lockPref("network.proxy.http_port", 1);
lockPref("network.proxy.no_proxies_on", "website.com, website.net");
lockPref("network.proxy.share_proxy_settings", true);
lockPref("network.proxy.socks", "localhost");
lockPref("network.proxy.socks_port", 1);
lockPref("network.proxy.ssl", "localhost");
lockPref("network.proxy.ssl_port", 1);
lockPref("network.proxy.type", 1);
lockPref("browser.startup.homepage", "http://www.website.com");
Save & exit
 7. Done

If you have a webserver you can replace localhost with ip of your server, set http_port to 80 and create nice page saying for example:

ACCESS DENIED

You are not allowed to browse internet from this browser

Solution for Linux


Steps are exactly the same, the only difference is location of the files.
/usr/lib/firefox/defaults/pref/local-settings.js
/usr/lib/firefox/mozilla.cfg

TIP

If you want to block access to a different settings in Firefox use prefs.js file which is located in user profile directory. Copy content of the file and simply replace user_pref with lockPref then inject it into your mozilla.cfg file.


Some common settings:

# Disable autoupdate, automatically set up profile on the first run
lockPref("app.update.auto", false);
lockPref("app.update.enabled", false);
lockPref("app.update.service.enabled", false);
lockPref("toolkit.telemetry.prompted", true);
lockPref("browser.rights.override", true);
lockPref("browser.startup.homepage_override.mstone", "ignore");
lockPref("browser.shell.checkDefaultBrowser", false);
# Set disk cache size, file download location, startup page
lockPref("browser.cache.disk.capacity", 61440);
lockPref("browser.cache.disk.smart_size.enabled", false);
lockPref("browser.cache.disk.smart_size.first_run", false);
lockPref("browser.cache.disk.smart_size.use_old_max", false);
lockPref("browser.cache.disk.smart_size_cached_value", 256000);
lockPref("browser.startup.page", 1);
lockPref("browser.download.useDownloadDir", false);
lockPref("browser.startup.homepage", "http://www.google.com");


Related post: Prepare Mozilla Firefox for Enterprise Deployment and Virtualization

2 comments:

  1. this post is very useful, however if i add maps.google.com, images did not load properly.

    ReplyDelete
  2. if I go to maps.google.com I am actually redirected to google.com/maps/..., so adding .google.com and perhaps .gstatic.com should help

    ReplyDelete