• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
iGuRu

iGuRu

Real-time Technology News. Opinions & Tweaks

  • / news
  • / infosec
  • / tools
  • / tweaks
  • / dummies
  • / opinions
  • / support
home / tweaks / DNS-over-HTTPS activation in Firefox

DNS-over-HTTPS activation in Firefox

07/07/2019 13:00 by giorgos

DNS-over-HTTPS (DoH) is a much-discussed feature right now, and Firefox is the only one that supports it.

However, the feature is not enabled by default for Firefox users, and below we will see how to enable it.

But before we get to the driver, let's first describe what the new protocol does.

How DNS-over-HTTPS works

mozilla logo - DNS-over-HTTPS enabled in Firefox

The DNS-over-HTTPS protocol works by taking the domain that a user typed into the browser and sending a query to a DNS server to find out the numeric IP address of the web server that hosts that particular site.

This is how the normal DNS works. However, DoH receives the DNS query and sends it to a DoH-compatible DNS (resolver) server via an encrypted HTTPS connection on the 443 port instead of as a plain text on the 53 port.

In this way, DoH hides DNS queries through HTTPS, so a third party who monitors your connections will not be able to invade traffic and change the DNS queries you send.

In addition, a secondary feature of DNS-over-HTTPS is that the protocol also works at application level. Applications can contain internal hardcoded lists of DoH-compatible DNS resolvers where they can send DoH queries.

DNS 1024x587 - DNS-over-HTTPS enabled in Firefox

This mode overrides the default DNS settings at the operating system level, which in most cases are those defined by local ISPs.

This also means that applications that support DoH can effectively bypass local ISP filters and even access to blocked content.

Here's how you can enable DNS-over-HTTPS on your Firefox until Mozilla decides to enable it by default - if it ever does.

Open the internal address about: config to access the hidden configuration panel of Firefox. Here we need to modify three settings.

The first setting is network.trr.mode. Enables DoH support. This setting supports four values:

0 - DoH is off
1 - DoH is enabled, but Firefox chooses whether to use the DoH protocol or normal DNS depending on which returns faster answers to queries.
2 - DoH is enabled and normal DNS acts as a backup
3 - DoH is enabled and normal DNS is disabled

The 2 value seems to work fine.

dns doh 1024x126 - DNS-over-HTTPS enabled in Firefox

The second setting to be modified is network.trr.uri. This is the URL of a DoH-compatible DNS server, and Firefox will send DNS DoH queries.

By default, Firefox uses the Cloudflare DoH service located at

https://mozilla.cloudflare-dns.com/dns-query

However, if you have a different one you can use your own URL for a DoH server. You can choose one of the many servers available, which are on this list.

The reason why Mozilla uses Cloudflare in Firefox is because the two companies reached an agreement after which Cloudflare will collect very little data from DoH queries from Firefox users.

dohff 1024x99 - DNS-over-HTTPS enabled in Firefox

The third setting is optional and you can skip it. The option is called network.trr.bootstrapAddress and is an input field where you can enter the numeric IP address of a DNS-compliant DNS. Cloudflare for example has IP 1.1.1.1. Google, IP 8.8.8.8.

The above settings should work immediately, but in case they do not work, restart Firefox.

______________

  • Facebook Messenger on your website
  • Windows 1.11 available in the Microsoft Store
DNS-over-HTTPS activation in Firefox was last modified: 7 July, 2019, 1: 01 mm by giorgos

Subscribe to our newsletter

no spam

spread the news

  • Facebook
  • Twitter
  • Reddit
  • Printing
  • Email

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News


Competition: tweaksDay: cloudflare, https, IP, Mozilla, network

You May Also Like

Mozilla has added a cookie jar to Firefox
Capture HTTPS / FTP packages with ARP Spoofing and MITM
Brave the first browser with Peer-to-Peer IPFS protocol

About Us giorgos

George still wonders what he's doing here ...

Previous Post: « Windows PE Bootable Windows PE recovery discs that will store your system
Next Post: Canonical violated her GitHub account »

Reader Interactions

Comment Policy:

IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators


Leave your comment
Ακύρωση απάντησης

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

 

 © 2021 · iGuRu.gr · ☢ · Keep It Simple Stupid Genesis theme

about  ·   get in touch  ·  rss  ·  sitemap  ·  cough

loadingCancel
Could not post post - check your email address!
Email verification failed, please try again
Your blog can not post posts via email.