How To Enable DNS Over HTTPS In Your Web Browser

Mozilla has started rolling out DNS over HTTPS for all Firefox users, a solid security change that’s meant to address the issue of third parties spying on the websites you’re visiting. Normally, when you type a website into your browser’s address bar and hit Enter, your browser uses DNS to map the domain name to the actual IP address of the server you’re trying to reach—the one that hosts the website you’re looking to visit.

DNS queries are typically unencrypted, which means that these requests can “leak” and be easily intercepted by a third party. This allows everyone from hackers to advertisers to easily view what websites you’re trying to visit, even if the sites themselves are encrypted (HTTPS). As the Centre for Democracy and Technology describes:

This process happens every time you type an address into your browser, every time you send an email, and every time you click a link. Some websites may contain content embedded from other domains, in which case the page itself may trigger additional DNS queries. So, even if all of the actual content of the sites you visit is encrypted, the DNS resolver (and anyone else monitoring the network) sees every single site you visit, every time you visit. This record can be used to infer what you look at, the kinds of information you are looking for, when and how you use the internet, and other personal information. Some DNS providers sell or use this information for targeted advertising.

Beyond the privacy implications of a third party monitoring and selling your internet usage, DNS presents serious security problems. Specifically, DNS is susceptible to man-in-the-middle attacks in which a malicious actor (not the DNS service) intercepts the DNS query and returns an incorrect IP address, potentially directing the user to a harmful site. This ‘spoofing’ attack can be mitigated through the use of additional verification procedures, such as DNSSEC, but many domains do not do this.

With DNS over HTTPS enabled, Mozilla writes, your browsing history should be much more hidden from potential attackers and companies that are trying to track what you’re up to online. But Firefox isn’t the only browser that can handle DNS over HTTPS. Here’s a quick look at how to enable DNS over HTTPS in all the major browsers—Mozilla’s included, if you’re impatient and don’t want to wait for the rollout to hit.

Mozilla Firefox

  1. Click on the hamburger icon in the upper-right corner of your browser, and then click on Options.

  2. Scroll down to “Network Settings” in the General settings section, and click on the Settings button.

  3. Click “Enable DNS over HTTPS” and pick a provider, like Cloudflare, or enter your own under “Custom.”

Google Chrome

  1. Copy and paste this into your browser’s address bar, and hit Enter: chrome://flags/#dns-over-https

  2. Enable the flag for “Secure DNS lookups” and restart your browser.

  3. Make sure you’ve switched your operating system’s network settings. Instead of automatically acquiring a DNS server from your ISP, you’ll want to force it to use one of the providers from Chrome’s mapping table.

Edge Chromium

  1. Copy and paste this into your browser’s address bar, and hit Enter: edge://flags/#dns-over-https

  2. Enable the flag for “Secure DNS lookups” and restart your browser.

  3. Make sure you’ve switched your operating system’s network settings. Instead of automatically acquiring a DNS server from your ISP, you’ll want to force it to use one of the providers that support DNS over HTTPS.

Brave

  1. Copy and paste this into your browser’s address bar, and hit Enter: brave://flags/#dns-over-https

  2. Enable the flag for “Secure DNS lookups” and restart your browser.

  3. Make sure you’ve switched your operating system’s network settings. Instead of automatically acquiring a DNS server from your ISP, you’ll want to force it to use one of the providers that support DNS over HTTPS.

How to see if DNS over HTTPS is working correctly

Simply visit Cloudflare’s help page, which will run a quick check to tell you if your browser is using DNS over HTTPS.

What about Safari?

Sorry, Mac fans. Apple hasn’t yet implemented this feature in Safari, but I would expect the company to do so at some point. Apple, being big on privacy and all, would have no reason to be the only company not offering DNS over HTTPS in its primary browser.
