The Internet has revolutionized communications, but its conveniences come with downsides for user privacy and anonymity. If you’re serious about your security and privacy when connected to the internet, you should consider enabling DNS-over-HTTPS (DoH) in your web browser.
Currently, only Mozilla Firefox and Google Chrome support the DoH web protocol. However, neither browser has DNS-over-HTTPS enabled out of the box. Users will have to tweak some advanced settings to get DoH up and running.
What is DoH and How Does it Work?
DNS-over-HTTPS (DoH) is a new web protocol. Just like the original DNS protocol, it works by sending the domain name that a user requested to a DNS server as a query, and the server looks up the IP address for that website.
However, the traditional DNS protocol sends the request to servers over a plain text connection, whereas the new DoH protocol sends the domain name to a DoH-compatible DNS server using an encrypted HTTPS connection. This prevents third-party observers from seeing what websites you are about to access.
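The difference described above, shown as an added example that is not part of the original article: the DNS query bytes are identical in both cases, and DoH only changes the transport that carries them. The resolver URL doh.example is a placeholder assumption and www.example.com is a constructed sample name; the encoding follows RFC 8484.

```python
import base64
import struct

DOH_URL = "https://doh.example/dns-query"  # assumed placeholder, not a real resolver


def build_query(name: str, qtype: int = 1) -> bytes:
    """Encode a DNS question in RFC 1035 wire format (qtype 1 = A record)."""
    # ID 0 as RFC 8484 suggests for HTTP caching; flags 0x0100 = recursion desired.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class 1 = IN


def parse_question(message: bytes) -> str:
    """Recover the queried name from the raw message. With classic DNS these
    bytes are the UDP/53 payload, so any on-path observer can do the same."""
    labels, pos = [], 12  # the question follows the 12-byte header
    while message[pos] != 0:
        length = message[pos]
        labels.append(message[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)


def doh_get_url(query: bytes) -> str:
    """RFC 8484 GET form: base64url, padding stripped, in the `dns` parameter."""
    encoded = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return f"{DOH_URL}?dns={encoded}"


def doh_post_request(query: bytes) -> dict:
    """RFC 8484 POST form: the same bytes as the body of an HTTPS request,
    so on the wire they sit inside the TLS session to the resolver."""
    return {
        "method": "POST",
        "url": DOH_URL,
        "headers": {"Content-Type": "application/dns-message",
                    "Accept": "application/dns-message"},
        "body": query,
    }


if __name__ == "__main__":
    q = build_query("www.example.com")  # constructed sample name
    print("plain DNS payload reveals:", parse_question(q))
    print("DoH GET :", doh_get_url(q))
    print("DoH POST:", doh_post_request(q)["headers"], len(q), "body bytes")
```

The POST form is the one selected by the method/POST parameter in the Chrome launch string further down.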
To make the whole process more secure, a secondary layer of DoH can be implemented at the app level, which forces an app to send its DNS lookups through a list of encrypted, DoH-compatible DNS servers.
If you are considering enabling DoH protocol in your Firefox or Chrome browser, continue reading this article as we have compiled a step-by-step guide on how to enable DoH in Firefox and Chrome.
How to Enable DNS-over-HTTPS in Your Browser
- Enabling DoH in Mozilla Firefox
- Enabling DoH in Google Chrome
Enabling DoH in Mozilla Firefox
You can enable DoH in your Firefox connection settings. Before proceeding, make sure you have the latest version of Mozilla Firefox. Here’s how to do it:
- Launch Firefox on your PC. Now click on the three-lined sandwich icon (☰) and choose Options.
- Now, in the General section, scroll down to the Network Settings panel and click on the ‘Settings…’ button.
- A dialog box will open up. Scroll down to Enable DNS over HTTPS. Click on the tick box to enable it.
- You can also change your preferred DoH resolver from the same menu. Click on Use Default to use the built-in Cloudflare resolver (184.108.40.206), or pick another resolver from the GitHub list here.
Enabling DoH in Google Chrome
Enabling DoH in Chrome isn’t as easy as in Firefox, because Google is still working to properly implement the web protocol in Chrome. There is no user interface option or hidden Chrome flag to enable DoH. Users have to add a command-line flag to Chrome’s launch options. Here’s how to do it:
- Find your Chrome shortcut on your desktop.
- Right-click on the shortcut, and then click on Properties from the drop-down menu.
- In the Target field, paste the following text at the end of the shortcut path: --enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2F220.127.116.11%2Fdns-query/method/POST"
- The above command line will force Chrome to use the Cloudflare DoH server. You can replace 18.104.22.168 with dns.google if you want to use Google’s DoH instead. For any other DoH server, click here and choose from the list.
- Make sure the full string looks like this: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2F22.214.171.124%2Fdns-query/method/POST" Otherwise it won’t work. Now, click on Apply to save the changes.
You can now launch Google Chrome with DoH protocol enabled. To make sure it’s working properly, go to https://126.96.36.199/help and check if it says ‘Yes’ for ‘Using DNS over HTTPS (DoH)’ in the Debug Information.
Pros and Cons of using DoH
Here are some pros and cons of using DoH in your web browser:
- All DoH traffic is encrypted with HTTPS and sent to a DoH DNS resolver, which means that domain name queries are encrypted and stay hidden within ordinary HTTPS network traffic.
- App-level DoH can bypass OS-level DNS settings, which are the ones set by your local internet service provider (ISP). This means that DoH-supporting applications such as web browsers can bypass your ISP’s network filters and give you the ability to access content blocked by your ISP or the government.
- Your ISP won’t be able to collect and sell your personal information related to your browsing activity to third-party advertisers.
- Some organizations apply special policies to DNS to block malware, monitor browser activity or filter the browser’s access to specific websites. Enabling DoH on such a network is an active violation of those policies.
- DoH can potentially affect your internet speed, but according to Mozilla’s test results, the default DoH resolver in Mozilla Firefox has a minimal impact and in many cases, the conducted tests showed improvement.