The BSI also issues recommendations for this: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/EinrichtungSoftware/EinrichtungBrowser/Sicherheitsmassnahmen/SicherheitsCheck/sicherheitscheck_node.html
Unfortunately, there is no universal “best” setting for every user. If a website only works with Flash or Java, then you have to weigh up between “don’t use and be safe” or “use and accept a (small) risk”.
Whenever possible, use a modern browser with sandbox technology (e.g. Google Chrome) and a good supply of security updates. Avoid active content as far as possible, especially anything that has to be provided by additional plug-ins (e.g. Java) and is not already integrated into the browser. If you use active content (have to), switch it on only for the required (trustworthy) pages, but otherwise generally switch it off. Always install all current security updates, use the latest stable versions of the browser and activate built-in mechanisms against viruses and malware.
The Federal Office for Information Security (BSI), for example, provides information and instructions on the security settings of some common browsers on its website:
- Security settings: http://support.mozilla.org/de/kb/Einstellungen-Fenster%20-%20Sicherheits-Abschnitt
Recommendation: For Firefox, it is best to use Firefox’s default settings. However, deactivate the option “Save passwords”. If you still want to save passwords in the browser, please be sure to use a master password for this purpose (note, among other things, the information from the Federal Office for Information Security (BSI) for secure passwords https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/Passwoerter/passwoerter.html).
Disable active content in IE 9 – please do not use versions older than IE 11 if possible: http://windows.microsoft.com/de-AT/windows7/How-to-use-Tracking-Protection-and-ActiveX-Filtering
Recommendation: You should block ActiveX controls. In any case, always use the latest version of Internet Explorer for your version of Windows, see also http://www.heise.de/security/meldung/Das-Support-Ende-fuer-alte-Internet-Explorer-Versionen-ist-da-3068332.html – there are no longer any security updates for older versions.
Security settings: http://support.google.com/chrome/?hl=de#topic=14666&rd=1
Blocking Active Content in Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&answer=142064
Empfehlung: Wählen Sie unter „Plugins blockieren“ die Funktion „Click-to-Play“.
The Opera browser uses the same rendering engine internally as Google Chrome:
Security settings: http://help.opera.com/
- Security and privacy in Opera http://de.opera.com/browser/tutorials/security/
Unfortunately, there is no additional information about the browser’s security settings on Apple’s website. Independent of the manufacturer, the magazine “Macwelt” has produced a guide “Safe surfing with Safari”: https://www.macwelt.de/ratgeber/Sicher-surfen-Sicher-surfen-mit-Safari-4955392.html