uMatrix is a very powerful tool, but using it requires that you understand its concept of defaults, inheritance, and especially its "scopes".
The scopes-feature allows to not only apply or reject third-party cookies, but to extend the idea of blocking third-party elements to images, scripts etc. This helps to prevent snooping companies from following you around, while you visit different web pages.
Click on the uMatrix icon.
uMatrix shows a table. The rows of this table are labled with domains, and the colums are labled with features.
The color of the fields show if that feature is permitted to be loaded from that domain. Green means permitted, red means blocked. Intensive colors show a specific permission and block, light colors show inherited permissions and blocks.
The list of domains shows from where the currently loaded web page tries to fetch additional contents. The columns show which kind of content it is. The numbers in the fields show how many requests of that kind (columns) are declared to be loaded from that domain.
To manually permit loading certain elements from a domain, click in the upper half of the field in the intersection of the domain and the feature. Click the lower half to block it. Click again do remove a permission or a block. If a certain kind of contents is neither explicitely permitted, nor blocked, then the permission will be determined by inheritance. More on this below.
If the upper left corner of a field has a different color than the rest, then the color of that corner shows the permanently saved state, and the rest of the field shows the current, temporarily modified state. To save the current state permanently, click the lock icon. The small number behind the lock item shows the number of unsaved changes.
There are two kinds of inheritance. One is from defaults and settings for current domain to specific domains, more on this later. The other is from domains to subdomains.
Usually subdomains inherit the permission (color) of the domain, but if you let uMatrix display subdomains, you can see and configure them individually. To do this let the mouse hover over the field labled "all" to make a tiny arrow appear. Click on the arrow to make it flip between pointing upwards and downwards. If it points upwards, subdomains are collapsed, and only the main domains shown. If it points downwards, uMatrix shows all used subdomains.
The big field on the left of the icons allows to change the scope. The most important scopes are the global scope (shown as a star symbol), and the current domain (labled with the name of the domain).
Changing the scope has two effects. It determines when your permissions and blocks are applied, and it toggles the display from showing the effect of inheritance.
If the global scope is selected, then the permissions and blocks that you declare will be applied regardless which page you are on, and the effects of inheritance are not show.
An example for a global rule would be to always allow or always deny the Facebook like button, on all web pages.
If a domain is selected as scope, then the colors in the table show the effect of inheritance (from domains to subdomains, and the rules for current domain), and the rules that you set there will be applied in the future only when you are again on that same domain.
The topmost domain line is labled "current domain". You should only make settings in this line while you have the global scope selected. These settings will apply to elements which are loaded from the same domain as the web page you have currently loaded, i.e. not third-party domains.
edit the rules to make them contain * * * block * 1st-party * inherit * 1st-party cookie allow * 1st-party css allow * 1st-party image allow
How can this be achieved in the UI, without manually editing the config?
HTTP Switchboard Wiki