• Firefox – DNS over HTTPS

    Home » Forums » AskWoody support » Questions: Browsers and desktop software » Other browsers » Firefox – DNS over HTTPS

    Author
    Topic
    ScotchJohn
    AskWoody Lounger
    October 21, 2021 at 8:10 am #2397068

    This relates to my experience with Firefox, though it may apply to other browsers.

    It came up yesterday when an online bridge group to which I belong sat down to play and tried to log-in to BridgeBase Online.  One of us got in, the other three were denied.  I tried half-a-dozen or so of the various “down detectors”, some said http://www.bridgebase.com was down, others said it was not.

    One piece of advice given by one of them was to change my Firefox settings to “DNS over HTTPS”.  Two of my group made this change and were able to log-in, the fourth must have been using an old version of FF, because the switch was not where I was describing it.  We played Trickster instead.

    I don’t think that I understand how this change affects how my FF reacts with the internet.  Have I changed my browser security – for the better / for the worse?  Also, I don’t want to be responsible for getting my fellow players to change to a setting that leaves them less secure than previously.

    Can anyone explain this to me, please?

    Dell E5570 Latitude, Intel Core i5 6440@2.60 GHz, 8.00 GB - Win 10 Pro

    Reply | Quote
    Viewing 6 reply threads
    Author
    Replies
    • Sky
      AskWoody Plus
      October 21, 2021 at 10:37 am #2397086

      When you enter a web address into your browser, the browser requests the IP address that corresponds to that web address via a DNS (Domain Name System), so it knows where to direct your request. By default, browsers do this unsecured, which is obviously vulnerable. Firefox allows you to (if you’re in the US, if I recall correctly) make the request over HTTPS, which is more secure, although not invulnerable.

      The only potential downside is that Firefox does this by using the Cloudflare service by default, so it comes down to how you feel about that company. As I recall, Cloudflare did an external audit of their DNS a while back and found that some data was unintentionally kept for up to 24 hours in a tiny minority of cases, but the audit was very transparent and it seemed to me like that they were prioritising privacy, and they did pass the audit, so I would personally not have a problem with them.

      Reply | Quote
    • Michael432
      AskWoody_MVP
      October 21, 2021 at 11:03 am #2397098

      First off, it is always a good idea to have two installed web browsers for just this sort of thing.

      All browsers now offer secure DNS, not just Firefox.

      Whatever issue you had was not with secure DNS, but with the specific DNS provider. Firefox lets you chose amongst a few.

      We can’t be sure your problem was a server side temporary thing or a DNS problem on your computer and those of your friends.

      There are programs on Windows that will trace every DNS call so you can see for yourself if a domain/subdomain failed to resolve/translate.

      Secure DNS is a good thing in that it hides your DNS requests from your ISP. A VPN does this and much more. Cloudflare is a trustworthy DNS provider. Any secure DNS provider is probably better than using the defaults.

      Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

      Reply | Quote
    • CraigS26
      AskWoody Plus
      October 21, 2021 at 11:50 am #2397109

      Because of a prior post here at AW I started using Quad9 and simply entered the following string in the FF Custom Box: https://dns.quad9.net/dns-query.

      Offered just as a Plan B choice AND in case someone knows something Great/Bad about Quad9 we’d all benefit from.

      Config Settings: https://www.quad9.net/service/service-addresses-and-features/#ip

      W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / Macrium Pd vX / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU = 0

      Reply | Quote
      • anonymous
        Guest
        October 21, 2021 at 6:50 pm #2397198

        Hi,

        I also used quad 9 it is good. They use to be in California but left to move to Switzerland to get away from the US rules and regulations if I remember correctly. I also have Ad Guard DNS I found my webpages that I have in my favorites load with lots of ads with creates longer load times and very frustrating what an improvement I have seen. I have used Cloudfare which from the reviews claimed to be the fastest around but I see after a few day’s was slow. I’m presently use Ad Guard.

        Reply | Quote
    • anonymous
      Guest
      October 21, 2021 at 3:40 pm #2397155

      In previous discussions here I got the impression to turn off DNS Over HTTPS in Firefox which I did.  Here also is an article on the cons of DNS over HTTPS:

      https://www.zdnet.com/article/dns-over-https-causes-more-problems-than-it-solves-experts-say/

      I think this discussion warrants more investigation.  Does anyone else want to jump in?  Should I now enable this — or not?

      1 user thanked author for this post.
      wavy
      Reply | Quote
    • CraigS26
      AskWoody Plus
      October 23, 2021 at 10:52 am #2397403
      anonymous wrote:

      I have used Cloudfare which from the reviews claimed to be the fastest around but I see after a few day’s was slow. I’m presently use Ad Guard.

      I switched to try this and the Firefox DNS Custom Box string is:
      https://dns.adguard.com/dns-query

      Sites…..
      https://adguard.com/en/adguard-dns/setup.html
      https://adguard.com/en/blog/adguard-comment-on-dns-over-https-firefox-cloudflare.html

      W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / Macrium Pd vX / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU = 0

      Reply | Quote
    • wavy
      AskWoody Plus
      October 25, 2021 at 1:26 pm #2397742
      Michael432 wrote:

      All browsers now offer secure DNS, not just Firefox.

      Not true! Pale Moon does and will not.

      https://forum.palemoon.org/viewtopic.php?f=62&t=18678&p=137637&hilit=doh#p137637

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      Reply | Quote
    • Alex5723
      AskWoody Plus
      October 25, 2021 at 2:33 pm #2397758
      Reply | Quote
    Viewing 6 reply threads
    Reply To: Firefox – DNS over HTTPS

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.