diff --git a/user.js b/user.js index b90cb96..41c75ff 100644 --- a/user.js +++ b/user.js @@ -1395,10 +1395,12 @@ user_pref("network.predictor.enable-hover-on-ssl", false); // Section : HTTP* / TCP/IP / DNS / PROXY / SOCKS etc. // >>>>>>>>>>>>>>>>>>>> // Pref : Disable IPv6 -// * IPv6 can be abused, especially with MAC addresses, and they do not play nice with VPNs. That's even assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4 +// IPv6 can be abused, especially with MAC addresses, and can leak with VPNs. That's even +// assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4 // [STATS] Firefox telemetry (Dec 2020) shows ~8% of all connections are IPv6 // [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an OS/network level, and/or configured properly in VPN setups. If you are not masking your IP, then this won't make much difference. If you are masking your IP, then it can only help. // [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT" +// https://www.internetsociety.org/tag/ipv6-security/ // [TEST] https://ipleak.org/ user_pref("network.dns.disableIPv6", true); // -------------------------------------