3.4 Enable Warning For 'Phishy' URLs

Information

It is possible to disguise a website's true location by making use of username/password syntax within the URL (known as 'phishy URLs'). This setting will display a warning message whenever a user clicks a link to a phishy URL.
This setting will help protect the browser against phishing.

Solution

Perform the following procedure:

* Open the mozilla.cfg file in the installation directory with a text editor

* Add the following lines to mozilla.cfg:

lockPref("network.http.phishy-userpass-length", 1);

See Also

https://workbench.cisecurity.org/files/1158

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b.

Plugin: Windows

Control ID: a4618dd51d9278d8ab4c8aa2818a9ad9a95752cebba92f2c0bb8df7174410ee0