Compare Revisions

Firefox keeps you safe by blocking unsigned or unverified add-ons. Learn more about add-ons signing.

{for not fx40}{warning}This article applies to newer versions of Firefox and Firefox for Android (version 40 and above).{/warning}{/for} Add-ons that change your browser's settings without your consent or steal your information have become increasingly common. Some add-ons add unwanted toolbars or buttons, change your search settings or inject ads or malware into your device. (Learn more about [[What is search hijacking? | search hijacking]].) =How does add-ons signing protect me?= {for not fx40}Newer versions of Firefox (versions 40 and above) protect you against malware and browser hijackers by {for =fx40}warning you against{/for}{for =fx41}blocking{/for} third-party add-ons that are not digitally signed and verified by Mozilla. To use this new feature, please [[Update Firefox to the latest version | update to the latest version of Firefox]].{/for} {for =fx40, =m40}While Firefox currently has a [[Add-ons that cause stability or security issues are put on a blocklist |blocklist]] system, it is increasingly difficult to track and block the growing number of malicious add-ons. The new add-ons signing process requires developers to follow [https://developer.mozilla.org/en-US/Add-ons/Add-on_guidelines Mozilla Developer guidelines] to ensure that their add-ons are safe. Firefox protects you by warning you when an add-on has not been verified through this signing process, but you can still install the unverified add-on at your own risk.{/for} {for =fx40, =m40} {note}Install add-ons only from developers you trust. Unverified add-ons may contain malware or hijackers that can alter your settings and steal your information.{/note} {/for} {for fx41, m41}Firefox protects you by allowing only digitally signed or verified add-ons to be installed on your browser. While Firefox currently has a [[Add-ons that cause stability or security issues are put on a blocklist |blocklist]] system, it is increasingly difficult to track and block the growing number of malicious add-ons. The add-ons signing process requires developers to follow [https://developer.mozilla.org/en-US/Add-ons/Add-on_guidelines Mozilla Developer guidelines] to ensure that their add-ons are safe.{/for} {note}'''Developers:''' Learn more about add-ons signing guidelines at [https://developer.mozilla.org/en-US/Add-ons/Add-on_guidelines Mozilla Developer Network].{/note} =What types of add-ons need to be signed?= Extensions (add-ons that add features to Firefox) will need to be signed. Themes, language packs and plugins do not need to be signed. =Where would I encounter unsigned add-ons?= Add-ons installed through the [https://addons.mozilla.org/firefox/ official Firefox Add-ons site] undergo a rigorous review process before they are published. These add-ons are signed and verified. When you install an add-on through another website, Firefox checks to make sure that the add-on has been digitally signed before you can install it. {note}The add-ons signing process '''only targets malware and browser hijacking'''. It does not control or censor the content that you choose to see.{/note}