From MozillaZine Knowledge Base
Jump to navigationJump to search

The urlclassifier2.sqlite file contains information on known phishing sites that is used to warn you should you visit one. The information is downloaded by default from a Google database once a day. This functionality can be modified or turned off in “Tools → Options → Security / Tell me... forgery”.

Originally, a file named urlclassifier.sqlite was used, but the format had to be changed because the file (obviously) contained references to phishing sites, which anti-virus software noticed and complained about. urlclassifier2.sqlite obfuscates the names of the sites to prevent this from happening.


The urlclassifier2.sqlite file is a binary SQLite database and should not be edited manually.


This file should not be moved.

Enhancement Bug 359145 - Configurable path for urlclassifier2.sqlite suggests that Firefox allow moving this file out of the profile.


Deleting urlclassifier2.sqlite will delete anti-phishing data. The file will be recreated and the data reloaded on next start up. Note, the new file may be significantly smaller since the database becomes fragmented over time. In other words, the same information will fit into less space. See Bug 383031 - how to shrink the urlclassifier2.sqllite file.

Users who want to minimize the size of their profile, such as for portable browsing, have several options:

  • Disable anti-Phishing in “Tools → Options → Security / Tell me... forgery” and delete the file.
  • Change the default “Check using a downloaded list of suspected sites” to “Check by asking _____ about each site I visit” located under “Tools → Options → Security / Tell me... forgery” (which changes the value of browser.safebrowsing.remoteLookups), and delete the file.
  • Use the default anti-Phishing settings, but delete the file so it will be recreated with reduced fragmentation.


The relevant about:config entries are:

External links