This mode of operation bypasses the default DNS settings that exist at the OS level, which in most cases are the ones set by local internet service providers (ISPs).
This also means that apps that support DoH can effectively bypass local ISPs' traffic filters and access content that may be blocked by a local telco or local government, which is one reason why DoH is currently hailed as a boon for users' privacy and security.
This is one of the reasons DoH has become so popular less than two years after it launched, and a reason why a group of UK ISPs nominated Mozilla for the 2019 Internet Villain award for its plans to support the DoH protocol, which they said would thwart their efforts to filter bad traffic.
In response, and because of the complex situation in the UK, where the government blocks access to copyright-infringing content and ISPs voluntarily block access to child abuse websites, Mozilla has decided not to enable this feature by default for British users.
The step-by-step guide below shows Firefox users in the UK and all over the world how to enable the feature right now, rather than wait until Mozilla enables it later down the road, if it ever does. There are two methods of enabling DoH support in Firefox.
METHOD 1 – VIA THE FIREFOX SETTINGS
Step 1: Go to the Firefox menu, choose Tools, and then Preferences. Alternatively, type about:preferences in the URL bar and press Enter. This will open the Firefox preferences section.
Step 2: In the General section, scroll down to the Network Settings panel, and press the Settings button.
Step 3: In the popup, scroll down and select “Enable DNS over HTTPS,” then configure your desired DoH resolver. You can use the built-in Cloudflare resolver (a company with which Mozilla has reached an agreement to log less data about Firefox users), or use one of your choice, from this list.
METHOD 2 – VIA ABOUT:CONFIG
Step 1: Type about:config in the URL bar and press Enter to access Firefox’s hidden configuration panel. Here users will need to enable and modify three settings.
Step 2: The first setting is network.trr.mode. This turns on DoH support. This setting supports four values:
- 0 – Default value in standard Firefox installations (currently 5, which means DoH is disabled)
- 1 – DoH is enabled, but Firefox picks whether to use DoH or regular DNS based on which returns query responses faster
- 2 – DoH is enabled, and regular DNS works as a backup
- 3 – DoH is enabled, and regular DNS is disabled
- 5 – DoH is disabled
A value of 2 works best.
Step 3: The second setting that needs to be modified is network.trr.uri. This is the URL of the DoH-compatible DNS server where Firefox will send DoH DNS queries. By default, Firefox uses Cloudflare’s DoH service located at https://mozilla.cloudflare-dns.com/dns-query. However, users can use their own DoH server URL. They can select one from the many available servers, from this list. Mozilla uses Cloudflare in Firefox because the two companies reached an agreement under which Cloudflare would collect very little data on DoH queries coming from Firefox users.
Step 4: The third setting is optional and you can skip this one. But if things don’t work, you can use this one as a backup for Step 3. The option is called network.trr.bootstrapAddress and is an input field where users can enter the numerical IP address of the DoH-compatible DNS resolver they entered in Step 3. For Cloudflare, that would be 1.1.1.1. For Google’s service, that would be 8.8.8.8. If you used another DoH resolver’s URL, you’ll need to track down that server’s IP and enter it here, if ever necessary.
Normally, the URL entered in Step 3 should be enough, though.
Settings should apply right away, but in case they don’t work, give Firefox a restart.
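As an added example (not part of the original article and not Mozilla's code), the Python sketch below reads the three Method 2 settings back out of the text of a profile's prefs.js or user.js file and reports what they amount to, using the mode meanings and default resolver URL given above. The function names, finding messages and sample lines are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# network.trr.mode values and meanings as listed in the article.
TRR_MODES = {0: "default value", 1: "DoH or regular DNS, whichever is faster",
             2: "DoH, regular DNS as backup", 3: "DoH only, regular DNS disabled",
             5: "DoH disabled"}
DEFAULT_URI = "https://mozilla.cloudflare-dns.com/dns-query"  # default named in the article
PREF_RE = re.compile(r'^\s*user_pref\(\s*"(network\.trr\.[^"]+)"\s*,\s*(.+?)\s*\)\s*;')

def read_trr_prefs(text):
    """Collect network.trr.* prefs from prefs.js/user.js text; a later line wins."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if m:
            name, raw = m.groups()
            prefs[name] = int(raw) if re.fullmatch(r"-?\d+", raw) else raw.strip('"')
    return prefs

def audit_doh(text):
    """Return the effective DoH settings plus a list of findings (hypothetical helper)."""
    prefs = read_trr_prefs(text)
    mode = prefs.get("network.trr.mode", 0)
    uri = prefs.get("network.trr.uri") or DEFAULT_URI
    boot = prefs.get("network.trr.bootstrapAddress", "")
    findings = []
    if mode not in TRR_MODES:
        findings.append("unknown network.trr.mode")
    parts = urlsplit(uri)
    if parts.scheme != "https" or not parts.hostname:
        findings.append("network.trr.uri is not an https URL")
    if boot:
        try:
            ipaddress.ip_address(boot)  # Step 4 expects a numerical IP, not a host name
        except ValueError:
            findings.append("network.trr.bootstrapAddress is not a numeric IP")
    if mode in (1, 2):  # modes in which regular DNS is still consulted
        findings.append("regular DNS can still answer lookups")
    return {"mode": mode, "meaning": TRR_MODES.get(mode, "unknown"),
            "uri": uri, "bootstrap": boot, "findings": findings}

# Constructed sample: the three settings from Method 2 as they would appear in prefs.js.
SAMPLE = '''user_pref("browser.startup.page", 3);
user_pref("network.trr.mode", 2);
user_pref("network.trr.uri", "https://mozilla.cloudflare-dns.com/dns-query");
user_pref("network.trr.bootstrapAddress", "1.1.1.1");'''
if __name__ == "__main__":
    print(audit_doh(SAMPLE))
```

With the recommended value of 2 the report carries one finding, because regular DNS remains the backup and some lookups can still reach the OS-level resolver.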
Source: ZDNet