7.2.6 Audit Hide IP Address in Safari Setting

Information

Public (Routable) IP addresses can be used to track people to their current location, including home and business addresses. While a valid IP address is necessary to load the site, the valid address does not need to be provided to known trackers and should be hidden.

Rationale:

Trackers can correlate your visits through various applications, including websites, and is a threat to your privacy.

Impact:

Website address blocking through iCloud Private Relay may prevent some wanted pages from loading that use IP geolocation access controls.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Graphical Method:
Perform the following steps to set Safari whether or not to hide IP addresses from trackers:

Open Safari

Select Safari from the menu bar

Select Preferences

Select Privacy

Set Hide IP address from trackers to your organization's requirements

Terminal Method:
Run the following command to enable or disable hiding IP addresses from trackers in Safari:

$ /usr/bin/sudo -u <username> /usr/bin/defaults write /Users/<username>/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari WBSPrivacyProxyAvailabilityTraffic -int <130272/130276>

33422560 will set hide IP address from trackers to disabled. 33422564 will enable from Trackers Only, and 33422572 will enabled from Trackers and Websites.
example:

$ /usr/bin/sudo -u firstuser /usr/bin/defaults write /Users/firstuser/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari WBSPrivacyProxyAvailabilityTraffic -int 33422560

$ /usr/bin/sudo -u seconduser /usr/bin/defaults write /Users/seconduser/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari WBSPrivacyProxyAvailabilityTraffic -int 33422564

$ /usr/bin/sudo -u thirduser /usr/bin/defaults write /Users/thirduser/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari WBSPrivacyProxyAvailabilityTraffic -int 33422572

Note: To run the Terminal commands, Terminal must be granted Full Disk Access in the Security & Privacy pane in System Preferences.

See Also

https://workbench.cisecurity.org/benchmarks/14563

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-10, 800-53|SC-7(3), 800-53|SC-7(4), 800-53|SC-18, CSCv7|7.1, CSCv7|7.4

Plugin: Unix

Control ID: 9e8838a29152f884f5f54d0df6a9e2e8de4eccfd5eecbdddc95e2342914b8b74