Increase Safari security and privacy in macOS

Web browsers are the biggest risk to your privacy and security. These tips and tweaks make Safari on the Apple Mac safer and more secure

There is still a belief that Apple Macs do not get malware, but this simply is not true. OK, viruses are rare, but adware is common. Improve Safari security and privacy with these tips.

It is much safer to access the internet with a Mac running macOS than a Windows PC, but it is not completely safe and some types of malware do target Apple users. People are often pagued with adverts and other irritations.

After installing macOS you should open Safari and fix the security and privacy issues that could potentially cause problems.

It may be surprising that Safari has problems out of the box, but the default settings simply are not the best. Start Safari by clicking the icon in the Dock at the bottom of the screen and then go to the Safari menu and select Preferences. Select the General tab.

Open Safari with the Homepage

Safari can be set to open with a display of your Favorites, Top Sites, Homepage or other pages. Tabs can be set with these options too. It doesn’t seem to do it every time, but I have also seen recently visited websites listed in the Fvaorites too.

Anyone next to you or behind you when you start Safari or open a new tab or window will be able to see your Favorites and (sometimes) recently visited websites. Does this worry you? It won't if you sit at a desk on your own, but if you use a MacBook in a public place it might.

Maybe you have nothing to hide, but a list of leisure and social websites on a work computer doesn’t look good. 

A lot of people load a web browser to perform a search and setting the home page to a search engine makes it more convenient to use. Enter a URL for the Homepage, such as http://www.google.co.uk, http://www.bing.com, http://www.duckduckgo.com or whatever your favourite search engine is.

Safari preferences

Here is a useful tip. Set the home page to Google on the General tab, but select the Search tab and set the search engine to Bing.

When you open a new window or tab, Google is displayed and you can enter a search term on the web page. If you enter a search term in the address box at the top of the browser window, the search will be performed at Bing.

You therefore have a choice of two search engines by setting the home page and Search engine on the Search tab to different ones.

Back to the General tab in Safari preferences. Set New window opens with and New tabs open with to Homepage. Make sure adware or spyware has not hijacked these with their own URLs.

Hide Safari browsing history

Your web browsing history might be stored for a whole year and you have to wonder whether this is really necessary. Does your Mac need to record and store every website you visit for so long? Click the item and select a shorter time period, such as one month or even just two weeks.

Safari preferences

Hide Safari downloads

Safari stores a list of files you have downloaded for one day in the setting near the bottom of the General tab. This is actually a reasonable setting, but there are options to clear the download list when Safari quits or as soon as a download is completed.

If you have never needed to check the downloads list, after all, you can see the downloads in the Downloads folder, then set this to Upon successful download, or at least When Safari Quits.

Boost security and privacy

So far the security and privacy settings have been quite minor and you might find the defaults OK. What is not OK is the default option at the bottom of the General tab in Preferences to Open “safe” files after downloading. It then goes on to say that safe files are movies, pictures, sounds, PDFs, text documents and archives.

It is not a good idea to automatically open downloaded items. It is possible to create a web page that automatically downloads a file and if it is then automatically opened, then clearly it may be possible to hide malware within the download and automatically install it.

Macs are not immune from malware and it surely makes sense not to automatically open downloads without your knowledge. Clear the checkbox on this option if it is set.

Safari preferences

If you need to open a download, go to the Downloads folder and open it (preferably after scanning it with security software).

Set Do Not Track

Another privacy default that must be changed is on the Privacy tab in Safari Preferences. Tick Ask websites not to track me. In the past, Apple has automatically set this to allow websites to track you by default. Surely the default should be not to track you. Check it and set it if necessary.

Safari preferences

Safari fraudulent website warning

There is another issue with Safari. Go to the Security tab and the first option listed is Warn when visiting a fraudulent website. This is a service that protects you from scams and phishing by identifying fake websites and displaying a warning message before the website is displayed. You then have the choice of navigating away from the site or proceeding to it anyway.

It is an important security service, but sometimes it fails to update. Here you can see that the service is not available and has not been updated for 16 days. This is a security risk because new fraudulent sites are discovered every day.

Safari fraudulent sites setting

When this error occurs, it may or may not fix itself. The solution is quite simple though. Clear the checkbox to turn off the warning. Close the preferences window and quit Safari. Wait a minute, open Safari, wait a minute, go to Preferences, Security and tick Warn when visiting a fraudulent website. The error message should no longer be displayed.

Safari internet plug-ins

In the screenshot aove, there is an option to allow Internet plug-ins, but plugins are a potential security risk. Old versions of the Java plug-in should definitely be avoided because of security flaws. (See How to install and uninstall Java on macOS.)

Do you need plug-ins? Clear the checkbox and try Safari without them. It is more secure and more private. If you do need plug-ins, click the Website Settings button to enable or disable the ones you want. Aim to disable or delete any you do not need.

Remove extensions

Some Safari extensions are very useful and they can provide extra features that are not available in the browser itself. For example, Pinterest Pin-It button, Everrnote Web Clipper, Grammarly and others.

Extensions can read everything on the web pages you view and they know which websites you visit. A bad extension could use this to spy on you, so you have to be careful where you get extensions from.

Those from the Safari Extensions Gallery run by Apple should be fine. Beware of plug-ins installed from elsewhere on the web though. Select the Extensions tab in Safari Preferences and there are checkboxes to disable extensions. Disable any that are not essential and uninstall them.

 

Share

Comments

3

The latest proposed draft of the Do Not Track specification requires that users must choose to turn on the anti-behavioral tracking feature in their browsers and software. Apple is adhering to the specification. "A user agent must have a default tracking preference of unset (not enabled) unless a specific tracking preference is implied by the user's decision to use that agent. For example, use of a general-purpose browser would not imply a tracking preference when invoked normally as SuperFred, but might imply a preference if invoked as SuperDoNotTrack or UltraPrivacyFred." http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#determining

<p>Just because it's the specification, it doesn't mean it is right. Surely privacy should be the default and we should choose to share stuff only if we want to.</p>

I do not have this option in the privacy section. Is it a relatively new feature?

Add new comment

By submitting this form, you accept the Mollom privacy policy.

Related items you will like...