How to Disable Automatic Firefox ESR Updates

Firefox ESR (Extended Support Release) is Mozilla's long-term support version of the browser, designed for organizations, IT departments, schools, and power users who need stability over cutting-edge features. Unlike the standard Firefox release, ESR updates arrive less frequently — but they still update automatically by default. For many environments, that automatic behavior needs to be controlled or disabled entirely.

Here's what you need to know about how Firefox ESR handles updates, what your options are, and which variables determine the right approach for your setup.

What "Automatic Updates" Means in Firefox ESR

Firefox ESR ships with the same built-in updater as standard Firefox. By default, the browser checks Mozilla's servers periodically, downloads updates in the background, and applies them the next time Firefox restarts. This happens without explicit user approval unless you intervene.

For ESR specifically, these updates fall into two categories:

  • Minor security/stability updates (e.g., 115.3.0 → 115.4.0): Applied within the same ESR cycle
  • Major ESR version upgrades (e.g., ESR 115 → ESR 128): Transition to a new extended support cycle

Disabling automatic updates can mean blocking either or both of these, depending on your goal.

Method 1: Using Firefox's Built-In Settings

The simplest approach works directly inside the browser and requires no admin tools.

  1. Open Firefox ESR and go to the menu (☰) → Settings
  2. Scroll to the Firefox Updates section under the "General" tab
  3. Select "Check for updates but let you choose to install them" or "Never check for updates"

The "Never check for updates" option fully disables automatic downloading and installation. This works on a per-installation basis and is the least technically demanding method. However, it's worth knowing that this setting can be overridden by system policies or group configurations — more on that below.

Method 2: Group Policy (Windows — Managed Environments) 🖥️

For IT administrators managing Firefox ESR across multiple Windows machines, Group Policy is the standard method. Mozilla provides official ADMX templates that integrate with Active Directory or the Local Group Policy Editor.

Key policy settings relevant to updates:

  Policy Name        What It Controls
  DisableAppUpdate   Fully disables the update mechanism
  BlockAboutConfig   Prevents users from re-enabling updates manually
  UpdateURL          Redirects update checks to an internal server
  AppUpdateURL       Controls which server Firefox checks for updates

To use these, you'll need to download Mozilla's policy templates from the official Firefox GitHub repository, install the ADMX files in the correct PolicyDefinitions folder, then configure them via gpedit.msc or the domain Group Policy Management Console.

This method is persistent, centrally managed, and survives Firefox reinstalls — which is why enterprise environments rely on it.

Method 3: mozilla.cfg and policies.json (Cross-Platform)

For macOS and Linux environments — or Windows setups without Active Directory — Mozilla supports a policies.json file that achieves the same result as Group Policy without requiring Windows infrastructure.

Place a policies.json file in the correct directory relative to the Firefox installation:

{ "policies": { "DisableAppUpdate": true } } 

File location by OS:

  • Windows: C:\Program Files\Mozilla Firefox\distribution\policies.json
  • macOS: /Applications/Firefox.app/Contents/Resources/distribution/policies.json
  • Linux: /usr/lib/firefox/distribution/policies.json (path may vary by distro)

This method is lightweight, doesn't require admin infrastructure, and works across platforms. It does require filesystem access to the Firefox installation directory — typically administrator or root-level access.
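
An added example (not from the original page or from Mozilla): a small Python audit for the contents of a policies.json file like the one above. It reports whether DisableAppUpdate is really the JSON boolean true and flags a missing BlockAboutConfig or a non-HTTPS AppUpdateURL. The function name, finding texts and sample inputs are constructed for illustration, and counting only the boolean true as "disabled" is this example's assumption.

```python
import json
from urllib.parse import urlsplit


def audit_policies(text):
    """Audit the text of a policies.json file; return (updates_disabled, findings)."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return False, [f"invalid JSON at line {exc.lineno}: {exc.msg}"]
    policies = doc.get("policies") if isinstance(doc, dict) else None
    if not isinstance(policies, dict):
        return False, ['no top-level "policies" object']

    findings = []
    value = policies.get("DisableAppUpdate")
    # Assumption of this example: only the JSON boolean true counts as "disabled".
    disabled = value is True
    if value is not None and not isinstance(value, bool):
        findings.append(f"DisableAppUpdate is {type(value).__name__}, expected a boolean")
    if disabled:
        # With the built-in updater off, security patches need another delivery path.
        findings.append("updates disabled: patch this install through another channel")
        if policies.get("BlockAboutConfig") is not True:
            findings.append("BlockAboutConfig not set: about:config remains reachable")
    url = policies.get("AppUpdateURL")
    if url is not None:
        parts = urlsplit(url) if isinstance(url, str) else None
        if parts is None or parts.scheme != "https" or not parts.netloc:
            findings.append("AppUpdateURL is not an https:// URL")
    return disabled, findings


# Constructed sample inputs (not taken from a real deployment).
SAMPLES = {
    "page example": '{ "policies": { "DisableAppUpdate": true } }',
    "string value": '{ "policies": { "DisableAppUpdate": "true" } }',
    "internal mirror": '{ "policies": { "AppUpdateURL": "http://updates.example.internal/update.xml" } }',
    "truncated": '{ "policies": { "DisableAppUpdate": true }',
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        disabled, findings = audit_policies(text)
        print(f"{name}: updates_disabled={disabled}")
        for finding in findings:
            print("  -", finding)
```
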

Method 4: about:config Preferences

Firefox's hidden configuration editor (about:config) includes update-related preferences that can be toggled manually:

  • app.update.enabled → Set to false to disable update checks
  • app.update.auto → Set to false to prevent automatic installation even when updates are found

⚠️ These preferences are considered soft controls. They can be reset by Firefox during certain operations, and they don't prevent a user with access to about:config from re-enabling them. For personal use on a single machine, they're adequate. For managed fleets, they're not reliable.

The Variables That Change Your Approach

Which method makes sense depends on several factors:

Administrative access: Policies-based methods require elevated permissions. A standard user account on a locked-down machine may have no viable path beyond the in-app settings toggle.

Number of machines: One personal computer is a very different problem from 200 workstations. Group Policy and policies.json both scale; manual in-app changes do not.

Operating system: Group Policy is Windows-native. macOS and Linux deployments lean on policies.json or package manager-level controls (common in Linux enterprise environments where Firefox is installed via apt, yum, or similar tools).

Why updates are being disabled: Organizations freezing browser versions for software compatibility reasons need a different level of control than a home user who simply wants to restart Firefox on their own schedule. Full policy lockdown versus a simple preference change are meaningfully different in scope.

ESR cycle stage: If you're approaching the end of an ESR cycle (e.g., ESR 115 nearing end-of-life), blocking updates entirely also blocks critical security patches. The risk profile of that decision varies significantly depending on whether the machine is internet-facing, air-gapped, or behind a managed network.

How tightly you need to control updates — and through what mechanism — ultimately comes down to your environment, your access level, and what "disabled" actually needs to mean for your situation.