Tor Browser Hardening Guide
Published: July 12, 2026 | Reading Time: 10 min
1. Security Slider
Tor Browser includes a Security Slider with three levels: Standard, Safer, and Safest. At the Standard level, all features are enabled. Safer disables JavaScript on non-HTTPS sites and disables some fonts and math symbols. Safest disables JavaScript everywhere, disables some font types, and disables SVG and WebGL.
For maximum anonymity, set the slider to Safest before accessing .onion services. This prevents JavaScript-based attacks and reduces fingerprinting surface area significantly.
2. Bridge Configuration
Bridges are Tor relays that are not publicly listed. If your ISP blocks Tor or you are in a country with heavy censorship, bridges provide a way to reach the Tor network. Tor Browser includes built-in bridge support through the settings menu. Options include obfs4, meek, and Snowflake transports.
For additional security, request custom bridges from the Tor Project website or use the built-in bridge distribution system. Bridges should be rotated periodically to maintain their effectiveness.
3. Anti-Fingerprinting Measures
Browser fingerprinting identifies users through unique combinations of browser properties: screen resolution, installed fonts, timezone, user agent, and more. Tor Browser implements extensive anti-fingerprinting protections, including a uniform window size, fixed user agent, and restrictive font enumeration.
Do not resize the browser window, install additional fonts, or change default Tor Browser settings. Every modification reduces the anonymity set and makes you more identifiable.
4. Add-ons & Extensions
Do not install additional browser extensions in Tor Browser. The Tor Browser is pre-configured with privacy settings that extensions can compromise. Extensions like NoScript are already integrated through the Security Slider. Additional extensions can bypass Tor's privacy protections through JavaScript APIs, WebRTC leaks, or unique extension identifiers.
5. Usage Best Practices
Always download Tor Browser exclusively from the official Tor Project website. Verify the PGP signature of the download. Use a New Identity for each distinct browsing session. Avoid logging into personal accounts through Tor Browser. Do not open documents downloaded through Tor while online — use a separate offline environment. Regularly update Tor Browser to the latest version.