How to Change Referer Header Settings: Why It’s Useful
If you want to truly establish your privacy online, you’ll need to understand how to change referer header settings, plus what they are in the first place. Today’s guide will demystify this somewhat technical topic, as well as present a few other tips on further enhancing your Internet anonymity with a VPN.
Referer headers date back to the early days of the Internet. They’re such an old relic, they even carry the misspelling of “referrer” in the name (with one “r”). The referer header allows websites to see where a visitor came from. If you clicked on a link to a site from a Google search, for example, the data passed to the target site would note this. Referer header settings are great tools for webmasters, but in the age of digital privacy, they can be seen as a detriment to the end-user’s experience.
Boost your browser privacy with these VPNs:
- NordVPN – Best for Anonymous Browsing – After changing your referer heading settings, fire up your NordVPN Chrome or Firefox VPN extension for unbreakable privacy online.
- Surfshark – Surfshark goes beyond encryption with a full suite of cybersecurity extras to make your browser safer.
- ExpressVPN – An incredible blend of speed, privacy, and usability. Trusted by thousands of users globally.
Understanding referrer headers can take a lot of time and research, as it’s a surprisingly technical topic to cover. You don’t need a web development degree to know how to change referer header settings, however. Below we’ll discuss the basics of the usefulness of changing and disabling these entries, along with the best way to stay secure online using a VPN.
Editor's Pick November 2024
Comparison of the Best VPN for Referer Header Settings
- 24/7 Live Chat
- 24/7 Live Chat
- 24/7 Live Chat
- Netflix,
- Disney+,
- Amazon Prime,
- iPlayer,
- YouTube,
- Hulu
- Netflix,
- Disney+,
- Amazon Prime,
- iPlayer,
- YouTube,
- Hulu
- Netflix,
- Disney+,
- Amazon Prime,
- iPlayer
Restore your privacy with a VPN
Referer headers can be seen as a core violation of a user’s privacy. The fact is most of what we do on the Internet is tracked, logged, and used to customize what content we see–a double-edged sword indeed. When data breaches and other problems arise, it’s suddenly obvious how detrimental this can be to our security and identity.
A good VPN can prevent these issues from ever occurring. VPNs encrypt your traffic and give you an anonymous IP address, allowing you to surf the web invisibly and without anyone knowing what sites you visit or where you came from.
1. NordVPN
- Servers optimized for unblocking Netflix
- Most VPN servers with different IP addresses
- Allows up to 6 devices to be connected at once
- “Double” data protection
- Live Chat Support.
- Very little
- They can take 30 days to process refunds.
When it comes to browser security, NordVPN is an old standby. This isn’t because the privacy community has become complacent; it’s because NordVPN are constantly updating their encrypted network and privacy provisions to keep up with the demands of today’s Internet threats.
Firstly, this provider wraps your connection in unbreakable 256-bit AES encryption–impossible to brute force by even the most sophisticated supercomputer. Moreover, you can crank anonymity up to 11 using either NordVPN’s obfuscated or multi-hop servers. And in terms of network reach, NordVPN offers 5500+ servers in 59 countries worldwide, ensuring there’s always a fast, stable connection nearby to your location.
Of course, changing your referer heading settings and encrypting your connection is worth little if your VPN keeps logs on you. Fortunately, NordVPN’s no-logging policy has been rigorously scrutinized over the years, and remains one of the best of the business.
Read our full NordVPN review.
2. Surfshark
- Robust servers blast through geoblocks to access your favorite streaming sites
- Multi-hop connections readily available
- Bitcoin, Etherium, and other cryptocurrencies accepted as payment
- Favorable BVI jurisdiction guarantees no logs kept
- Support staff manned by actual human beings 24/7.
- Overall, not much to complain about
- Power users may wish for more settings to fiddle with.
Most VPNs are going to have pretty strong encryption at this point; but Surfshark elevates their privacy offering beyond their unbreakable 256-AES-GCM cryptographic key. After all, not every attack on your identity is going to be through brute force!
For one, Surfshark allows you to enable CleanWeb, which intercepts and stops adware, trackers, and malware before it even has a chance to load. Moreover, they maintain a constantly expanding database of over one million websites known to harbor viruses. Surfshark not only hides your activity online, but helps protect you from yourself clicking on bad links.
You can also tailor your VPN settings based on which Wi-Fi network you’re connected to. Hike the privacy to max on public networks, dial up the speed on your home router, or anything in between.
As a bonus, Surfshark offers their Trust DNS, which scrambles your DNS requests. Combined with changing referer heading settings, and you’re basically untrackable online.
3. ExpressVPN
- SPECIAL OFFER: 3 months free (49% off – link below)
- Reliable and fast connections
- Supports ALL devices
- Strict no-logs policy for personal information
- Great support (24/7 chat).
- Max 3 connections simultaneously
- Slightly pricier than competition.
ExpressVPN is an extremely easy to use VPN that provides solid protection for a variety of devices. You can install it on your PC, smartphone, or tablet with a couple of clicks, then enjoy the security of a strict zero-logging policy and 256-bit AES encryption on all of your data, instantly. ExpressVPN backs this up with a large network of incredibly fast servers, currently numbering over 3,000 in 94 different countries.
Read our full ExpressVPN review.
Why it’s useful to change and disable referer headers
Referer headers are simple pieces of code that help create virtual links between websites. They form a breadcrumb trail of sorts, allowing webmasters to understand what brought people to their website. In the modern age, referer headers are being exploited to harvest private information, however. Here’s the full scoop on how referrer headers work from a user’s perspective.
How the referer header works
The simplest explanation for referer headers is that they function as an information bridge between sites. Let’s say you visit Google and perform a quick search. The site you want shows up at the top of the list. You click the URL and are redirected to the page right away. During that fraction of a second when you click, three interesting things take place in quick succession:
- Your browser notes the URL you were at when clicking the link. In this case, it’s a Google search page.
- You are sent to the linked page and it starts to load in your browser.
- The location you were at before you clicked the link is sent to the page you visit.
This process happens any time you click a link on any web page, and information about your origin is always passed along. There are some unique exceptions to this, however:
- When going from HTTPS to HTTP pages.
- When typing in a URL manually.
- When cutting/pasting a link into the URL bar.
- When using browser bookmarks to visit a site.
The takeaway from this is pretty simple: if you click a link, your action was probably tracked. If you don’t want that to happen, you either need to stop the tracking altogether, or disguise your identity so it doesn’t matter who tracks what.
Legal issues surrounding referer headers
A lot of people wonder if it’s legal to block, change, or disable referer header settings in their web browser, or if hiding their identity with a VPN breaks any laws. Unfortunately, this is something of a gray area. While we are not currently aware of any regions where it’s illegal to hide referer headings, it may be viewed as suspicious if you take specific actions to block your identity.
It is your responsibility to research and understand laws in your area before utilizing a VPN to unblock or disguise anything. A VPN does not give you license to do whatever you want on the Internet, nor will it provide complete protection if legal action is taken against you. Addictive Tips does not condone any action that may break the laws of any country. Always consider the consequences of your actions before opening a VPN or modifying your browser in any way.
How to change referer header settings
When it comes to referer header settings, browsers do most of the heavy lifting. They hold the data that is passed to websites, which also means they can be tweaked to preserve your privacy more intensely. Follow the suggestions below to change or disable referer header settings in your browser of choice.
Disable referer headers in Firefox
Firefox offers the easiest method of disabling referer headers entirely. You’ll need to be slightly comfortable with editing about:config details, which isn’t as complex as you might think. Simply follow our steps below and you’ll be set.
- Open Firefox and click on the URL bar.
- Type about:config in the bar, then hit enter.
- Accept the “I’ll be careful, I promise!” warning.
- In the search bar at the top of the config page, enter the following string: network.http.sendRefererHeader
- Double-click on the sendRefererHeader entry and a small window will pop open.
- Enter either 0, 1, or 2 in the box. To completely disable referer headers, use 0. Click OK to confirm the change.
- Close the config screen and resume normal browsing.
Changing this value in Firefox will turn of referer headers entirely. This won’t affect most of your daily activities, but it can cause problems with some WordPress websites. As an alternative, you can set the value in step six to 1, which will disable referrals when clicking on a link, but not when loading images. This prevents cross-site tracking but won’t break as many websites. If you change your mind and want to return Firefox to normal, simply change the value to 2.
Change referer headers in Chrome
The Chrome browser currently does not offer the ability to change referer header settings from a configurations page. However, you can make a quick edit to the Chrome launch options that will disable headers altogether. This is especially useful in Windows if you use a shortcut icon to open the .exe file.
To disable referer headers in Chrome, all you need to do is launch it with the –no-referrers flag on the end. Linux and Mac users can do this from a terminal. Windows users will need to edit the shortcut and add the flag manually.
For example, if Chrome is located in your AppData folder, simply add the no-referrers flag on the end, like so:
- “C:\Users\Username\AppData\Local\Google\Chrome\Application\chrome.exe” –no-referrers
Other browsers (Safari, Opera)
For other mainstream browsers such as Safari, there is currently no known method of disabling or changing referer header settings from a configurations page. If your browser is based on Chrome or Firefox, you can try the methods listed above to see if they work. Otherwise, see the section below that covers browser extensions.
The Opera browser offers a quick method of disabling referer headers completely. All you need to do is navigate to Settings > Preferences > Advanced > Network, then uncheck “Send referrer information”.
Browser extensions that change referer header settings
You don’t need to edit configurations or change shortcuts to alter your browser’s referer header settings. Instead, try the add-ons listed below. Note that any browser that offers compatibility with the browser engines and add-ons listed below will be able to install the correct extension to disable referer headers.
Firefox
If you’re not comfortable making config page changes yourself, you can always install the Referer Control extension on Firefox. This add-on lets you allow or deny HTTP referrals on a per-site basis, giving you fine grain control over which sites get to see your browsing trail.
Chrome
Don’t want to alter the Chrome shortcut? Try the Referer Control extension available on the Chrome web store. This simple add-on gives you full control over which sites can utilize your referral header settings. Allow, disable, or filter by regular expression, or just switch them off altogether.
Safari
When it comes to changing referrer header settings in Safari, your options are severely limited. Fortunately, the multi-purpose tool SafariStand exists. Install the add-on to your browser, then use the check box to disable referrals altogether.
Finding better browsers
Not all browsers offer the ability to disable referrer controls. If yours doesn’t, you may want to consider switching to a more secure browser to keep your data safe. Also check out some must-have browser extensions that protect your privacy. Finally, if you own an Android device, see the best apps for anonymous browsing to ensure your identity is never leaked.
Protect referral privacy with a VPN
Changing or disabling referer header settings is one way to protect your privacy. Deploying a VPN is another. You can even use both methods in conjunction with each other to keep your identity as secure as possible. After making edits to your browser for added online invisibility, check out the guide below to ensure maximum privacy.
Set up a VPN to stay safe
We covered how to choose a reliable VPN above, complete with our recommended service for keeping your identity secure. Next, you’ll want to create an account with the service, then get everything installed and locked down so you can enjoy a more private browsing experience.
- In your favorite PC web browser, start by creating a VPN account with a recommended provider above. Sign into the official website and download the app for your device. Launch it and log in as soon as this process completes.
- Most VPN software will automatically connect you to the fastest server the moment you open the app. This will be ideal for most users, as it ensures optimal speeds without sacrificing encryption or other privacy features.
- You can optionally run a quick IP leak test to make sure your VPN is working correctly. In the same browser window, go to ipleak.net, then wait for the page to load. It will automatically run an IP address lookup. Check the box beneath Your IP Addresses and make sure it displays a different country than the one you’re currently in.
- Once the encrypted connection is complete, you’re safe and sound. Let the VPN app run in the background and keep it active whenever you connect to the Internet, both at home and while you travel. This will ensure you’re always safe each time you go online, no matter what.
Protecting your referrer data
With your VPN active, you’re now ready to enjoy a safe and anonymous browsing experience. You can combine a good VPN with the referer header setting changes above for optimal privacy, or simply stick with the VPN itself. The latter strips referrer details from all requests and keeps your identity a secret, allowing you to carry out normal web browsing tasks with ease. It never hurts to follow both sets of suggestions, however!
For added protection you can keep the following tips in mind. These naturally circumvent the referer header settings to give you extra privacy on the web.
- Manually type URLs or copy/paste them whenever possible. Don’t click a link unless you have to.
- Open all links in a new browser window. This usually sets the HTTP referrer flag as “null”, passing no data to the target website.
- Use browser bookmarks or another local bookmarking program.
- Avoid using the Internet on smartphone browsers, as there are rarely reliable methods to disable referer headers on mobile devices.
Conclusion
Referer headers are a relic of a more innocent age of web browsing. They still serve an important purpose in modern times, especially when it comes to learning how users found your website. But if you want to keep your information safe, you should seriously consider disabling referrers altogether. This, along with a strong VPN, can keep you safe from all kinds of web-based dangers.
Got any tips for changing referer headers we didn’t cover above? Share your knowledge in the comments section!
If you need a VPN for a short while when traveling for example, you can get our top ranked VPN free of charge. NordVPN includes a 30-day money-back guarantee. You will need to pay for the subscription, that’s a fact, but it allows full access for 30 days and then you cancel for a full refund. Their no-questions-asked cancellation policy lives up to its name.
Thanks thanks and thanks alot I have been searching for this kind of detailed explanation and have been browsing the net for hours and hours . Finally got it and i Understood the concept which will help me . IT would be great if you can write a article on how this refer header can be exploited and how WAF can detect this kind of violations