STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Mozilla Firefox Security Technical Implementation Guide

V-251568

CAT II (Medium)

Firefox cryptomining protection must be enabled.

Rule ID

SV-251568r960963_rule

STIG

Mozilla Firefox Security Technical Implementation Guide

Version

V6R7

CCIs

CCI-000381

Discussion

The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, for example. If a site is on one of the tracker lists that Firefox is set to use, the fingerprinting script (or other tracking script/image) will not be loaded from that site. Cryptomining scripts use a computer's central processing unit to invisibly mine cryptocurrency.

Check Content

Type "about:policies" in the browser address bar. 

If "EnableTrackingProtection" is not displayed under Policy Name or the Policy Value is not "Cryptomining" with a value of "true", this is a finding.

Fix Text

Windows group policy:
1. Open the group policy editor tool with "gpedit.msc".
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Tracking Protection
Policy Name: Cryptomining
Policy State: Enabled

macOS "plist" file:
Add the following:
<key>EnableTrackingProtection</key>
  <dict>
    <key>Cryptomining</key>
 <true/>
  </dict>

Linux "policies.json" file:
Add the following in the policies section:
"EnableTrackingProtection": {
  "Cryptomining": true
}