Increase Safari security and privacy in macOS

Essential security settings for your Apple Mac

Private sign - increase privacy and security in Safari on the Apple Mac

Web browsers are the biggest risk to your privacy and security when using a computer. These tweaks and settings make Safari on the Apple Mac safer and more secure when using the internet.

There is still a belief that Apple Macs do not get malware, but this simply is not true. OK, viruses are rare, but adware is common. You should improve Safari browsing security and privacy with these tips. Of course, it is much safer to access the internet with a Mac running macOS than a PC running Windows, but it is not completely safe and some types of malware do target Apple users. People are often plagued with adverts and other irritations.

It is especially important after installing macOS or a major upgrade to open Safari and fix the security and privacy issues that could potentially cause problems.

It may be surprising that Safari has problems out of the box, but the default settings simply are not the best. Start Safari by clicking the icon in the Dock at the bottom of the screen and then go to the Safari menu and select Preferences.

General Safari settings

Safari general preferences on the Apple Mac

Homepage: Simply opening Safari, a new tab or window could lead to you being tracked. Make sure the startup page is one that does not track you, such as start.duckduckgo.com (it has less tracking than duckduckgo.com). This also ensures that you are not tracked when you search the web.

New windows/tabs open with: Safari can be set to open with a display of your Favorites, Top Sites, Homepage or other pages. Tabs can be set with these options too. Anyone next to you or behind you when you start Safari or open a new tab or window will be able to see your Favorites and (sometimes) recently visited websites.

Does this worry you? It won’t if you sit at a desk on your own, but if you use a MacBook in a public place it might. Maybe you have nothing to hide, but a list of leisure and social websites on a work computer doesn’t look good.

Remove history items: Your web browsing history might be stored for a whole year or more and you have to wonder whether this is really necessary. Does your Mac need to record and store every website you visit for so long? Click the item and select a shorter time period, such as one month.

Remove download list items: Safari stores a list of files you have downloaded in the setting near the bottom of the General tab. Is this actually a desirable setting? There are options to clear the download list when Safari quits or as soon as a download is completed. The less time information is stored, the more private your browsing will be.

Open “safe” files after downloading: So far the security and privacy settings have been quite minor and you might find the defaults OK. What is not OK is the default option at the bottom of the General tab in Preferences to Open “safe” files after downloading. It then goes on to say that safe files are movies, pictures, sounds, PDFs, text documents and archives.

It is not a good idea to automatically open downloaded items. It is possible to create a web page that automatically downloads a file and if it is then automatically opened, then clearly it may be possible to hide malware within the download and automatically install it. Macs are not immune from malware and it surely makes sense not to automatically open downloads without your knowledge. Clear the checkbox on this option if it is set.

If you need to open a download, go to the Downloads folder and open it yourself, preferably after scanning it with security software.

Beware of fraudulent websites

Safari preferences on the Apple Mac - security options

Go to the Security tab and the first option listed is Warn when visiting a fraudulent website. This is a service that protects you from scams and phishing by identifying fake websites and displaying a warning message before the website is displayed. You then have the choice of navigating away from the site or proceeding to it anyway.

It is an important security service, but I have occasionally had this fail to update. You need to check this setting occasionally and make sure it is working. It is a security risk because new fraudulent sites are discovered every day.

When this error occurs, it may or may not fix itself. The solution is quite simple though. Clear the checkbox to turn off the warning. Close the preferences window and quit Safari. Wait a minute, open Safari, wait a minute, go to Preferences > Security and tick Warn when visiting a fraudulent website. The error message should no longer be displayed.

Set the search engine

Set the search engine to DuckDuckGo in Safari preferences on the Apple Mac

It is common to set the homepage and new tab page to a search engine because it makes it more convenient to use. However, it is also possible to search by typing a word or phrase into the address box. Which search service is used for this? One that tracks you?

Select the Search tab and choose DuckDuckGo for the search engine. This will be used for searches when a word or phrase is typed into the address box. Avoid Google, Bing and Yahoo! if you want to avoid being tracked. Select DuckDuckGo to make your web searches more private.

Safari privacy options

Safari privacy settings in macOS on the Apple Mac

Ask websites not to track me: This is included only because some people may not have updated to the latest version of Safari. It has been removed and the setting no longer exists. The idea was to Ask websites not to track me by sending a Do Not Track message. The idea was sound, but it failed because sites could ignore it and some even used it to track you. It has gone.

Prevent cross-site tracking: This is an important option and it should default to being on. Make sure it is selected to prevent certain types of tracking activities.

Beware of extensions

Enable or disable Safari extensions

Some Safari extensions are very useful and they can provide extra features that are not available in the browser itself. For example, Pinterest Pin-It button, Everrnote Web Clipper, Grammarly and others.

I installed four extensions at random and three had permission to read everything on the web pages, including passwords, phone numbers and credit cards. This is quite common for extensions and a bad one could use this to spy on you, so you have to be careful what you install

Extensions are only available from the App Store these days, but even so, it is worrying what these extensions have access to. Select the Extensions tab in Safari Preferences and there are checkboxes to disable extensions. Disable any that are not essential and uninstall them. You will sleep better at night.

Use a VPN

Ivacy VPN for the Apple Mac

A great way to increase the privacy and security of your internet activities is to use a VPN. ProtonVPN is a free VPN that is worth considering if you are on a tight budget.

I prefer a paid VPN because they are faster, have many more servers to choose from around the world, and have more features. I used NordVPN for years and it is excellent and I am now using Ivacy VPN, which is pretty good. PureVPN is another worth looking at. They provide some great deals on VPNs.

Our Offers and Recommendations page has great deals on VPNs for your Mac, PC and phone. Save $$$ on your subscription.

Hide your location

Choose which websites can access your location in Safari on the Apple Mac

Some websites need to know your location, but some may simply be spying on you and recording visitors for no reason. Select the Websites tab, select Location on the left and set When visiting other websites to Ask. You will then see a message when a website tries to access your location and you can choose to allow it or block it.

If there are any websites in the list, set the to Ask, Deny or Allow as you prefer.


What's next?