This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Problems accessing secure sites using FireFox

more options

FireFox has been my default browser for many years and it has been great, no problems. Within the past three months, however, I've been unable to access financial sites that I regularly use. The first was in October when one site upgraded its account access security. Initially, FireFox worked after the upgrade, but then I could no longer log into my account. I spoke to support staff for that website and they said they've been receiving complaints from other clients who use FireFox and suggested I use another browser, which I did and was able to access my account. Today another financial site suddenly blocked access using FireFox with a message that I needed to unblock cookies for the site, so I went into FireFox security settings and added the site's address to the exceptions list, but still could not enter the site. I am having no problems logging onto these sites with another browser, but FireFox is not working. Any suggestions? I would like to keep FireFox as my default browser, if that's possible. Thanks!

FireFox has been my default browser for many years and it has been great, no problems. Within the past three months, however, I've been unable to access financial sites that I regularly use. The first was in October when one site upgraded its account access security. Initially, FireFox worked after the upgrade, but then I could no longer log into my account. I spoke to support staff for that website and they said they've been receiving complaints from other clients who use FireFox and suggested I use another browser, which I did and was able to access my account. Today another financial site suddenly blocked access using FireFox with a message that I needed to unblock cookies for the site, so I went into FireFox security settings and added the site's address to the exceptions list, but still could not enter the site. I am having no problems logging onto these sites with another browser, but FireFox is not working. Any suggestions? I would like to keep FireFox as my default browser, if that's possible. Thanks!

All Replies (7)

more options

https://support.mozilla.org/en-US/kb/websites-say-cookies-are-blocked-unblock-them


Make sure you are not blocking content.

https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop also see https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/

https://support.mozilla.org/en-US/kb/smartblock-enhanced-tracking-protection


Diagnose Firefox issues using Troubleshoot(Safe) Mode {web link}

A small dialog should appear. Click Start In Troubleshoot(Safe) Mode (not Refresh). Is the problem still there?


Many site issues can be caused by corrupt cookies or cache.

Warning ! ! This will log you out of sites you're logged in to. You may also lose any settings for that website.

more options

Firefox 96 has updated a few technical details of how "same site" vs. "third party" cookies are handled to increase security. (MDN) These changes were intended to be in line with Chrome and Edge but seem be causing problems on some sites, and various new bugs are on file with the developers for consideration.

Hopefully we'll have more suggestions about what to do about that in the coming days. For now, it makes sense to use a different browser for that site rather than tinker with the new settings, since we can't confidently give advice on them yet. Sorry for the inconvenience.

more options

Here is a message received today from a site that wouldn't allow me in:

We're sorry for this error. In order to use this service, your internet browser must accept third-party cookies. Please refer to your browser's online help for enabling cookies in your system. Please try again after you enable the cookies.

more options

https://support.mozilla.org/en-US/kb/update-firefox-latest-version?cache=no Did you update Firefox to the latest version?

Version 96.0, first offered to Release channel users on January 11, 2022 Version 96.0.1, first offered to Release channel users on January 14, 2022


https://support.mozilla.org/en-US/questions/1359657#answer-1463359 and updated to 95.0. . . . I finally found where the plugin "Widevine Content Decryption Module provided by Google Inc." was not updating to the newest version of December 1, 2021. Ver #4.10.2391.0

cor-el; Make sure you have the latest Widevine version. You can toggle DRM off/on to see if that makes Firefox (re)load DRM components.

You can possibly check the XHR requests in the Browser Console if this doesn't work.

more options

whitmanjohnson67 said

Here is a message received today from a site that wouldn't allow me in: We're sorry for this error. In order to use this service, your internet browser must accept third-party cookies. Please refer to your browser's online help for enabling cookies in your system. Please try again after you enable the cookies.

Firefox 96 made three changes related to cookies. I don't think you have provided enough information to know which change is affecting that site, so I'll provide information on all three changes.

(1) If the server does not specify the SameSite setting for its cookies, Firefox changed from treating it as SameSite=None (allow serving as a third party cookie) to SameSite=Lax (partially restricts serving as a third party cookie).

This seems to be the one that affects Canvas/Kaltura users. However, it turns out to be difficult to find the relevant host names so that you can set an exception for those sites.

It also seems to affect iCloud two-factor authentication. See: https://support.mozilla.org/questions/1364242

(2) If the cookie was set on an HTTPS page, it is not automatically passed to HTTP pages on the same server. In other words, SameSite consider the protocol (scheme) as well as the host name. This is a problem for older sites that use HTTP for most pages but do the login over HTTPS. Example: https://www.reddit.com/r/firefox/comments/s3iych/south_korea_cant_sign_in_to_some_websites_after/

(3) If the server specifies that third party cookies are okay by setting SameSite=None, this is only honored for HTTPS pages, not HTTP pages. I don't know whether this is causing problems on any sites.

more options

There is a change in Firefox 96 related to cookies and insecure sites.

See also:

As a workaround for now you can modify this pref on the about:config page to revert this change.

  • about:config => network.cookie.sameSite.laxByDefault = false

You can open the about:config page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue.

more options

This earlier suggestion seems to be the most practical: "For now, it makes sense to use a different browser for that site rather than tinker with the new settings, since we can't confidently give advice on them yet. Sorry for the inconvenience." I'm using Edge to access the sites that are blocked by Firefox. I hope Mozilla can eventually resolve the problem.