Are you already enabled DoH (DNS over HTTPS)on your browser?
What is DNS over HTTPS (DoH) ??.
In simple words, the protocol that can encrypt your browsing connection by hiding your DNS queries and response from any intrusions and tampering.
In more details, according to IETF, DoH are.
- Sending DNS [RFC1035] queries and getting DNS responses over HTTP [RFC7540] using https [RFC2818] URIs (and therefore TLS [RFC8446] security for integrity and confidentiality).
- Each DNS query-response pair is mapped into an HTTP exchange
and you can refer to this IETF RFC document here;
Yes, if you really need more information about DoH, you can just search on Google, and actually a lot of people have already written about it. So this post is intended to guide how you can enable and set your browser to increase your security.
Enable DoH on Your Browser (Mozila Firefox)
For sure, you need to open your browser then go to setting. you can also paste this “about:preferences” in your browser tab and it will open up the browser setting. Then inside the search input “network” then click Settings.. to open up the Connection Settings menus.
Look at the bottom of it, then click to check on “Enable DNS over HTTPS”, then select the provider, or you can add custom DNS that know. Then click OK.
Okay you done, next lets continue for other browser.
Enable DoH on Your Browser (Google Chrome)
For Google Chrome, click setting from the menu or enter this into the address bar; “chrome://settings/privacy” It will bring you directly to the “Security and Privacy” setting page. Then click on the Security tab.
Once inside, scroll down then look for the part Advanced > Use secure DNS and click the button on the right side to enable.
Then click on the second one (With) then the dropdown will be shown, then select any provider you like, i would prefer to use CloudFlare DNS.
Then complete!.
Enable DoH on Your Browser (Microsoft Edge)
Edge browser is smiliar to chrome, just need to open the setting then navigate to the “Privacy, search, and services” or you can paste this into your browser address bar; “edge://settings/privacy” it will open up the Privacy pages setting. Scroll down until you see the Security setting part, then look for “Use secure DNS to specify how to lookup the network address for websites”, ensure you slide it and make it blue color.
Then select the second one (Choose a service provider), it will show up the dropdown selection, Then select your preferred provider, You can choose any of them. As for this example, I used Cloudflare.
Alright now you are good to go and complete!. Sorry if I did not cover all the browsers, but for most chromium based browsers like Opera/Brave or so on you can find the setting under Privacy & Security.
Enable DoH on Mobile Web Browser (Chrome)
Open your Chrome browser on your phone, then navigate to the setting, then click on Privacy and security, then look for “Use secure DNS”.
Then select the “Choose another provider” , then select any provider you want to use, then you are good to go!.
How to verify your DoH is working?
Okay you also need to know right if your setting is working or not. There are two methods you can test. The first one, you can open this page;
then click on Standard or Extended test, and you need to make sure the result shows the provider that you used and not your ISP name. As for my example, I’m using Cloudflare as my DNS provider then it should show something like below:
As you can see from the picture below the DNS return from the test is coming from Cloudflare instead your ISP name, if you see your ISP name here maybe you need to restart your browser and try again.
Okay for the next test is from Cloudflare itself, you can open this page;
Then let it runs for few seconds and you should expect the result like below, and to verify the “Using DNS over HTTPS (DoH)” should mark as Yes that will indicate your setting is working.
What else you can do with DoH?.
Yes, alright that is! and now you should be happy having a secure browsing experience lol. hahaha. So, basically, in my opinion, sometimes you do not need VPN to secure your connection, without need to pay extra dollars for it. Just use this free setting provided in your browser to enjoy a secure connection.
Besides that, you can also set your custom DNS to a DNS provider that offer extra services such as DNS for parental control or for blocking ads. To block the ads by using DNS, you can try to set custom DNS to AdGuard DNS, You can refer here to the whole list about DNS and they also include a list of other providers. https://kb.adguard.com/en/general/dns-providers
Head over to the website above, then copy the DNS-Over-HTTPS that you want to use, For this example, we used Default, and it says can “provide ads, trackers, and phishing protection”. Then add the URL to your browser like below.
Once added, you can verify again using the step above to see if it works or not. or you can head to https://adblock-tester.com/ to test if it managed to block ads or not. I got like 65/100, so I think it is a good right since it is free.
For parental control, and if you want to block your child's browser from accessing adult content, you can go to https://cleanbrowsing.org/guides/dnsoverhttps/
Then look for the filter you wanted to use, I recommended to use the “Family Filter” then get the URLs from the website and copy into your DoH setting in any of your browser.
Below is an example. I put this setting into my Firefox browser;
And actually, if you add this setting, it also filters the search engine, it will automatically enable Safe Search then it cannot be disabled.
I think that is for now, so hopefully this will be useful for you, and don't forget to enable DoH on your browser and ensure you are secured while browsing, don't forgot to share to others if you think this useful. :D
