My Firefox settings – retaining some cookies whilst deleting everything else on exit

I’ve been using the Firefox web browser since release 39 in 2015 which imrpoved the product greatly.

This completely replaced my day to day use of Chrome and Internet Explorer – although I still have those installed for testing purposes and occasionally to access some websites or local admin web pages that don’t work with Firefox.

Over this time I have perfected the settings I use so that when existingt the browser all history is deleted – apart from cookies that I want to keep.

Here’s my basic privacy settings:


Use Tracking Protection in Private Windows: I believe this only really works when you are in Private Browsing Mode but no harm in having it switched on anyway.

I also turn on Do Not Track – click “manage your Do Not Track settings”:


As you can see I set some custom settings whereby nothing is remembered and all history is deleted on exit.

The only exception is with cookies – I manage them using a separate add-on. This is because Firefox only allows a blanket approach whereby all cookies are deleted or none at all, but I want to specify some cookies that I want to keep.

Under Settings for Deleting History I have:


I’m not too worried about Site Preferences (zoom level, encoding etc.) so I leave that unticked. I also leave cookies unticked. So everything is deleted on exit apart from Cookies and Site Preferences.

To manage my cookies I use an add-on: selectivecookiedelete, which can be found by searching the Firefox add-ons store (go to Options menu (top right) and choose Add-ons). The add-on page is:

I went though many cookie management add-ons and found this add-on to be by far the best mainly due to the management options.

If you go to the instgalled add-ons page and click options next to the selectivecookiedelete add-on you will get the following preferences dialog box:


As you can see there is an option to automatically remove cookies when Firefox closes but you can also set a whitelist:


As you can see I don’t have many exceptions! The is a good example – this is the search engine I use by default – which has preferences which gear the search results towards your geography i.e. English UK. It stores that preference in a cookie so I want that cookie kept so that I don’t have to set the preference every time I do a search.

The left hand side will display any cookies you have in your current session so to add new whitelisted cookies go to the website in question then to the whitelist and select from left to add to right.

I find this setup works really well and gives me good protection from tracking etc.

Check your Facebook Advert settings are what you really want

Came across an article recently that showed how Facebook has added a new option to the Adverts settings that allows Facebook to use tracking ads even if you previously opted out using the existing settings:


“Ads on apps and websites off of the Facebook Companies” – what legalese there I think. “The Facebook Companies” – looking at the details provides some further information on this:


Love the cute owl – makes you fell all warm and cuddly and safe doesn’t it. Don’t be fooled – having this option set to Yes means Facebook can track you across all their sites/services and probably beyond.

To turn it off simply hit Edit and choose No:


Thanks to Dave Carol for highlighting this:

Increasing attachment limits in Office 365/Exchange Online

The default limit for messages in Microsofts online mailboxes is 35MB. You can change this limit from powershell commands.

If you don’t know how to get started with Powershell admin then look at my previous posting: Send As From a different email domain in Office 365 Exchange Online.

There are 2 limit parameters: MaxReceiveSize and MaxSendSize.

The command for changing the mailbox limit parameters is:

Set-Mailbox John.Doe -MaxReceiveSize 55MB -MaxSendSize 55MB

Substitute John.Doe for the mailbox you want to change.

To change all mailboxes use this:

Get-Mailbox -Resultsize Unlimited | Set-Mailbox -MaxReceiveSize 55MB -MaxSendSize 55MB

And to set the limits for all new mailboxes use this:

Firstly find out which mailbox plan is the default:

Get-MailboxPlan | fl name,maxsendsize,maxreceivesize,isdefault

You will see a list of mailbox plans (name followed by a GUID) only one of which is marked as the default and they will also show the current limits.

To change the default mailbox plan use this command:

Set-MailboxPlan <em>ExchangeMailboxPlan-GUID</em> -MaxSendSize 55MB -MaxReceiveSize 55MB

Replace ExchangeMailboxPlan-GUID with the default plan listed previously.

Always remember to close your session with:

Remove-PSSession $Session

BreakthePaywall tested in Windows 10

BreakthePaywall tested in Windows 10 – you must use Internet Explorer rather than the new Edge browser but otherwise it works ok.

The Edge browser does not at this stage allow add-ons to be installed – we believe they will be allowing add-ons by the Autumn and BreakthePaywall will endeavour to have one available asap.


Gaining Admin access when you have forgotten the Admin password

A common occurance with all the family home computer users I support is that I will arrive on site, a problem is described that requires admin access but they have forgotten their admin password!

The way round this is to create another admin user within safe mode.

This works for Windows 7:

Restart the PC

Hold the F8 key down until you see the Windows Boot Menu

Choose Safe mode with Command Prompt

Wait for windows to boot and eventually you should be presented with a command prompt.

Add a new user (‘root’ in our case) using the following command:

net use root /add

Add the new user to the Administrators group:

net localgroup Administrators root /add

Delete the use from the limited users group:

net localgroup Users root /delete

Reboot the machine and you should now see a new user available at the logon screen. Logon with the new user and you can then change the password of the original admin user in the normal way (control panel, users).

You might also want to logoff, logon as original admin user and delete the new user you just created in the normal way (control panel, users) – just to tidy things up and not have multiple admin users hanging about.


Cisco ASA setting up port forwarding using ASDM – Minecraft example

To setup port forwarding on a Cisco ASA (5505 or 5506 on my systems but is applicable to any PIX type Cisco firewall) you need to setup a NAT translation rule and Access rules.

I mainly use ASDM for making changes as opposed to the command line. See Cisco ASA 5506 (and 5505, 5510) Basic Setup for details on setting up access.

The example given here is for port forwarding to a Minecraft server on the internal network at IP address but is applicable to any device you want to make available on the internet.

Setting up the NAT rule:

Goto Configuration, Firewall, NAT Rules.

On the right hand side you should see a list of Network Objects – adding a network object is the easiest way to add a port forwarding NAT rule. Click Add above the list.

Enter the name of the network object – this can be anything you like but should be descriptive of the type of server and service.

Select Host for the Type.

Enter the IP address of the server – the internal IP.

Click on the NAT heading at the bottom to expand the NAT options.

Tick the Add Automatic Address Translation Rules option.

Select Static for the Type.

Select your ‘outside’ interface for the Translated Address.


Then click Advanced.

Source Interface should be set to Any.

Destination Interface should be set to your ‘outside’ interface.

At this point you can specify specific service ports to be used under the Real Port and Mapped Port options or you can leave them blank if you are happy for any service to be used.

You may want to allow any service if you have a range of external IP numbers that you can use. You can assign a single external static IP for your internal server and set the NAT rule to Any service. This does not mean that you are allowing access on any port to the server as you still have to setup Access rules to allow traffic through – you are just allowing access on any port from the ASA to the internal server.


In my case I only have one external IP address so I need specify specific ports as I also want to run a web server from a different internal machine and I may add other devices in future.

In the example above I have a Minecraft server which needs to allow access on port 25565 so that’s what I enter for the Real and Mapped ports (real port is the one being hit on the outside interface. You can map to a different port on the internal server if you wish).

I also need to setup port forwarding for UDP port 25565 – Minecraft server requires both TCP and UDP protocols on port 25565.

So I setup a separate network object for the UDP port forwarding:



Unfortunately you cannot choose tcp/udp when setting up NAT rules so you have to create two rules in this example – as mentioned earlier if you have a number of external IP addresses available then you could set service to Any and control ports using Access rules. You would then have just one NAT rule and 1 Access Rule (access rules allow you to specify tcp/udp).

You should now see something like this in your NAT rules list (note I also have my web server rule on port 80 (http) listed here as well):


Also note the general NAT rule at the bottom for translating internal addresses to external addresses for general browsing etc. See: Cisco ASA 5506 (and 5505, 5510) Basic Setup

Setting up Access Rules:

Goto Configuration, Firewall, Access Rules.

Select the ‘outside’ interface and select Add.

The interface should be set to ‘outside’.

The Action should be set to Permit.

The Source should be set to Any – you want everyone to be able to access your server.

Set the Destination to the Network Object you created under the NAT rules.

Under Service click the …elipse.

In this example we need to create a new Service Object corresponding to the port required (25565)

Under the Add option select Service Object.

Enter a Name of your choice.

Select the Service type

The destination port should be set to the Real port you are forwarding.

Leave the source port as the default – machines connecting may use any port in the allowable range to connect to a service on the internet so you have to cater for any port.

Click OK, make sure the Service Object you just create is selected and click OK.



Click OK and Apply to set your new Access Rule.

We also need to setup a separate rule for the UDP port 25565 that we also need to forward:



As mentioned before in the case of using a NAT rule covering any service you can add just one Access Rule that covers both tcp and udp.

You should now have an Access Rules screen that looks something like this:


Make sure you click Apply and you are all done.

Remember that any firewall on your servers also has to be set to allow traffic on the port you have forwarded.


Excel and SSIS – the problems and solutions

There are various problems with importing data from Excel files.

Today I came across an article from 2012 by Koen VerBeeck which has been re-blogged on the website which very succinctly summarises the problems and solutions:

Please note my comment at the bottom which I will repeat here:

One thing I would add is that if you are in a situation where changing registry settings is difficult or you don’t want to have to bother with changing settings every time you move machines/re-image machines i.e. you have to stick to the default of 8 rows being sampled. Then just add 8 dummy rows to the beginning of your Excel tables with the relevant type of data inserted – bunch of ‘A’s for strings, ‘9’s for numeric etc. – and then delete all the dummy records out with conditional split as mentioned. With this setup you can be certain the SSIS routine will work on any machine with default JET settings.