Referer headers date back to the early days of the Internet. They’re such an old relic, they even carry the misspelling of “referrer” in the name (with one “r”). The referer header allows websites to see where a visitor came from. If you clicked on a link to a site from a Google search, for example, the data passed to the target site would note this. Referer header settings are great tools for webmasters, but in the age of digital privacy, they can be seen as a detriment to the end-user’s experience.
Understanding referrer headers can take a lot of time and research, as it’s a surprisingly technical topic to cover. You don’t need a web development degree to know how to change referer header settings, however. Below we’ll discuss the basics of the usefulness of changing and disabling these entries, along with the best way to stay secure online using a VPN.
- 1 Restore your privacy with a VPN
- 2 Why it’s useful to change and disable referer headers
- 3 How to change referer header settings
- 4 Browser extensions that change referer header settings
- 5 Protect referral privacy with a VPN
- 6 Conclusion
Restore your privacy with a VPN
Referer headers can be seen as a core violation of a user’s privacy. The fact is most of what we do on the Internet is tracked, logged, and used to customize what content we see–a double-edged sword indeed. When data breaches and other problems arise, it’s suddenly obvious how detrimental this can be to our security and identity.
A good VPN can prevent these issues from ever occurring. VPNs encrypt your traffic and give you an anonymous IP address, allowing you to surf the web invisibly and without anyone knowing what sites you visit or where you came from.
ExpressVPN – Privacy, speed, simplicity
ExpressVPN is an extremely easy to use VPN that provides solid protection for a variety of devices. You can install it on your PC, smartphone, or tablet with a couple of clicks, then enjoy the security of a strict zero-logging policy and 256-bit AES encryption on all of your data, instantly. ExpressVPN backs this up with a large network of incredibly fast servers, currently numbering over 2,000 in 94 different countries.
- Unblocking Netflix USA, iPlayer, Amazon Prime
- Super fast servers
- AES-256 encryption
- No personal information logs kept
- 24/7 Live Chat.
- Very little
- Slightly more expensive than some other options.
Learn more about ExpressVPN, including speed test results and a full privacy audit, by checking out our complete ExpressVPN review.
Why it’s useful to change and disable referer headers
Referer headers are simple pieces of code that help create virtual links between websites. They form a breadcrumb trail of sorts, allowing webmasters to understand what brought people to their website. In the modern age, referer headers are being exploited to harvest private information, however. Here’s the full scoop on how referrer headers work from a user’s perspective.
How the referer header works
The simplest explanation for referer headers is that they function as an information bridge between sites. Let’s say you visit Google and perform a quick search. The site you want shows up at the top of the list. You click the URL and are redirected to the page right away. During that fraction of a second when you click, three interesting things take place in quick succession:
- Your browser notes the URL you were at when clicking the link. In this case, it’s a Google search page.
- You are sent to the linked page and it starts to load in your browser.
- The location you were at before you clicked the link is sent to the page you visit.
This process happens any time you click a link on any web page, and information about your origin is always passed along. There are some unique exceptions to this, however:
- When going from HTTPS to HTTP pages.
- When typing in a URL manually.
- When cutting/pasting a link into the URL bar.
- When using browser bookmarks to visit a site.
The takeaway from this is pretty simple: if you click a link, your action was probably tracked. If you don’t want that to happen, you either need to stop the tracking altogether, or disguise your identity so it doesn’t matter who tracks what.
Legal issues surrounding referer headers
A lot of people wonder if it’s legal to block, change, or disable referer header settings in their web browser, or if hiding their identity with a VPN breaks any laws. Unfortunately, this is something of a gray area. While we are not currently aware of any regions where it’s illegal to hide referer headings, it may be viewed as suspicious if you take specific actions to block your identity.
It is your responsibility to research and understand laws in your area before utilizing a VPN to unblock or disguise anything. A VPN does not give you license to do whatever you want on the Internet, nor will it provide complete protection if legal action is taken against you. Addictive Tips does not condone any action that may break the laws of any country. Always consider the consequences of your actions before opening a VPN or modifying your browser in any way.
How to change referer header settings
When it comes to referer header settings, browsers do most of the heavy lifting. They hold the data that is passed to websites, which also means they can be tweaked to preserve your privacy more intensely. Follow the suggestions below to change or disable referer header settings in your browser of choice.
Disable referer headers in Firefox
Firefox offers the easiest method of disabling referer headers entirely. You’ll need to be slightly comfortable with editing about:config details, which isn’t as complex as you might think. Simply follow our steps below and you’ll be set.
- Open Firefox and click on the URL bar.
- Type about:config in the bar, then hit enter.
- Accept the “I’ll be careful, I promise!” warning.
- In the search bar at the top of the config page, enter the following string: network.http.sendRefererHeader
- Double-click on the sendRefererHeader entry and a small window will pop open.
- Enter either 0, 1, or 2 in the box. To completely disable referer headers, use 0. Click OK to confirm the change.
- Close the config screen and resume normal browsing.
Changing this value in Firefox will turn of referer headers entirely. This won’t affect most of your daily activities, but it can cause problems with some WordPress websites. As an alternative, you can set the value in step six to 1, which will disable referrals when clicking on a link, but not when loading images. This prevents cross-site tracking but won’t break as many websites. If you change your mind and want to return Firefox to normal, simply change the value to 2.
Change referer headers in Chrome
The Chrome browser currently does not offer the ability to change referer header settings from a configurations page. However, you can make a quick edit to the Chrome launch options that will disable headers altogether. This is especially useful in Windows if you use a shortcut icon to open the .exe file.
To disable referer headers in Chrome, all you need to do is launch it with the –no-referrers flag on the end. Linux and Mac users can do this from a terminal. Windows users will need to edit the shortcut and add the flag manually.
For example, if Chrome is located in your AppData folder, simply add the no-referrers flag on the end, like so:
- “C:\Users\Username\AppData\Local\Google\Chrome\Application\chrome.exe” –no-referrers
Other browsers (Safari, Opera)
For other mainstream browsers such as Safari, there is currently no known method of disabling or changing referer header settings from a configurations page. If your browser is based on Chrome or Firefox, you can try the methods listed above to see if they work. Otherwise, see the section below that covers browser extensions.
The Opera browser offers a quick method of disabling referer headers completely. All you need to do is navigate to Settings > Preferences > Advanced > Network, then uncheck “Send referrer information”.
Browser extensions that change referer header settings
You don’t need to edit configurations or change shortcuts to alter your browser’s referer header settings. Instead, try the add-ons listed below. Note that any browser that offers compatibility with the browser engines and add-ons listed below will be able to install the correct extension to disable referer headers.
If you’re not comfortable making config page changes yourself, you can always install the Referer Control extension on Firefox. This add-on lets you allow or deny HTTP referrals on a per-site basis, giving you fine grain control over which sites get to see your browsing trail.
Don’t want to alter the Chrome shortcut? Try the Referer Control extension available on the Chrome web store. This simple add-on gives you full control over which sites can utilize your referral header settings. Allow, disable, or filter by regular expression, or just switch them off altogether.
When it comes to changing referrer header settings in Safari, your options are severely limited. Fortunately, the multi-purpose tool SafariStand exists. Install the add-on to your browser, then use the check box to disable referrals altogether.
Finding better browsers
Not all browsers offer the ability to disable referrer controls. If yours doesn’t, you may want to consider switching to a more secure browser to keep your data safe. Also check out some must-have browser extensions that protect your privacy. Finally, if you own an Android device, see the best apps for anonymous browsing to ensure your identity is never leaked.
Protect referral privacy with a VPN
Changing or disabling referer header settings is one way to protect your privacy. Deploying a VPN is another. You can even use both methods in conjunction with each other to keep your identity as secure as possible. After making edits to your browser for added online invisibility, check out the guide below to ensure maximum privacy.
Set up a VPN to stay safe
We covered how to choose a reliable VPN above, complete with our recommended service for keeping your identity secure. Next, you’ll want to create an account with the service, then get everything installed and locked down so you can enjoy a more private browsing experience.
- In your favorite PC web browser, start by creating a VPN account with a recommended provider above. Sign into the official website and download the app for your device. Launch it and log in as soon as this process completes.
- Most VPN software will automatically connect you to the fastest server the moment you open the app. This will be ideal for most users, as it ensures optimal speeds without sacrificing encryption or other privacy features.
- You can optionally run a quick IP leak test to make sure your VPN is working correctly. In the same browser window, go to ipleak.net, then wait for the page to load. It will automatically run an IP address lookup. Check the box beneath Your IP Addresses and make sure it displays a different country than the one you’re currently in.
- Once the encrypted connection is complete, you’re safe and sound. Let the VPN app run in the background and keep it active whenever you connect to the Internet, both at home and while you travel. This will ensure you’re always safe each time you go online, no matter what.
Protecting your referrer data
With your VPN active, you’re now ready to enjoy a safe and anonymous browsing experience. You can combine a good VPN with the referer header setting changes above for optimal privacy, or simply stick with the VPN itself. The latter strips referrer details from all requests and keeps your identity a secret, allowing you to carry out normal web browsing tasks with ease. It never hurts to follow both sets of suggestions, however!
For added protection you can keep the following tips in mind. These naturally circumvent the referer header settings to give you extra privacy on the web.
- Manually type URLs or copy/paste them whenever possible. Don’t click a link unless you have to.
- Open all links in a new browser window. This usually sets the HTTP referrer flag as “null”, passing no data to the target website.
- Use browser bookmarks or another local bookmarking program.
- Avoid using the Internet on smartphone browsers, as there are rarely reliable methods to disable referer headers on mobile devices.
Referer headers are a relic of a more innocent age of web browsing. They still serve an important purpose in modern times, especially when it comes to learning how users found your website. But if you want to keep your information safe, you should seriously consider disabling referrers altogether. This, along with a strong VPN, can keep you safe from all kinds of web-based dangers.
Got any tips for changing referer headers we didn’t cover above? Share your knowledge in the comments section!