Block ISP Snooping With Firefox's DNS Over HTTPS Tool

Image: Mozilla

Mozilla will enable Firefox’s DNS over HTTPS (DoH) service by default for all users. Here’s why that’s important: DoH keeps your internet browsing private and secure by hiding DNS requests — from your ISP, from software on your system (like parental control apps or other blocking software), and from anything else that might try to suss out what you’re up to.

The feature is due in late September but you can manually enable it right now. Here are the required steps.

DoH will soon be a default feature for a small subset of Firefox users once the update rolls out, and a broader rollout once everything is confirmed to work without issue. The feature also happens to be available in Firefox browsers right now for those who don’t want to wait—all it takes is a few tweaks in the settings menu:

Screenshot: Brendan Hesse, Firefox
  1. Open a new Firefox tab on desktop.

  2. Type “about:preferences#general” into the address bar and press Enter.

  3. Scroll down to Network Settings and click “Settings.”

  4. Scroll down and tick the box next to “Enable DNS over HTTPS.”

  5. Once enabled, you can configure your DNS provider settings. Click the drop-down box and select “Cloudflare” to use the default DNS provider and settings—which we suggest for the general user—or select “Custom” to manually set up your own if you have a separate service you wish to use. (For what it’s worth, one of the reasons Cloudflare and Mozilla partnered up is because Cloudflare agreed to collect as little traffic data as possible from Firefox users.)

The above steps are the “easy way” of turning on DNS over HTTPS in Firefox; there’s also a more complicated way that allows you to mess with the settings as you go.

  1. In a new Firefox tab, type “about:config” in the address bar and press Enter. You’ll be given a warning that messing with these settings may void your warranty and make Firefox unstable—both of which are true—but go ahead and accept the warning and continue anyway.

  2. Look for “network.trr.mode” and set its value to one of the following numbers: 5: DoH is disabled (default setting); 3: DoH enabled, regular DNS is disabled; 2: DoH enabled, regular DNS is kept as backup; 1: DoH and regular DNS enabled, but Firefox will decide which to use for each website. We recommend using a value of 2 for now since it prioritises DoH, but feel free to use one of the others if you prefer.

  3. Next, go to “network.trr.uri.” To use the default Firefox DoH service, set the URL as “mozilla.cloudflare-dns.com/dns-query.”If you have a different service, use its address instead.

  4. Lastly, find “network.trr.bootstrapAddress.” Input the numerical IP address for your DoH’s DNS resolver. The default Cloudflare/Mozilla address is 1.1.1.1, but you’ll need to find your specific service’s IP address if you’re using something different.

  5. Restart Firefox for the changes to take effect, and DoH should now be enabled.


Comments

Be the first to comment on this story!

Trending Stories Right Now