Secure DNS lookups

How to enable DNS over HTTPS in Firefox

Firefox can now encrypt DNS queries over HTTPS to improve security and privacy, and these are the steps to enable it.

Firefox DNS over HTTPS configuration

Firefox supports “DNS over HTTPS (DoH),” and these are the steps to enable it to boost security and privacy while browsing the web.

Domain Name System (DNS) is the protocol responsible for translating friendly internet domain names into IP addresses that computers can understand to find and load websites on your browser.

However, these queries are transmitted over the internet in plain text, which is not secure. The DNS over HTTPS uses the Hypertext Transfer Protocol Secure (HTTPS) protocol to encrypt the communication to improve security and privacy minimizing attacks and preventing malicious individuals from snooping.

In this guide, you’ll learn the steps to enable DNS over HTTPS in Firefox on Windows 10.

How to enable DNS over HTTPS in Firefox

On Firefox there are at least two ways to configure DNS over HTTPS, including using the user-friendly preferences settings and the config settings.

Enabling DoH using Preferences settings

To enable DNS over HTTPS using the preferences settings, use these steps:

  1. Open Firefox.

  2. Type the following path in the address bar and press Enter:

    about:preferences
  3. Click on General.

  4. Under the “Network Settings” section, click the Settings button.

    Firefox General settings
    Firefox General settings
  5. Check the Enable DNS over HTTPS option.

  6. Use the “Use Provider” drop-down menu to select the DNS resolver that you want to use. (The default is Cloudflare, if you prefer another service, select the Custom option to configure it.)

    Enable DNS over HTTPS on Firefox
    Enable DNS over HTTPS on Firefox
    • https://dns.google/dns-query
    • https://cloudflare-dns.com/dns-query
    • https://doh.opendns.com/dns-query
  7. Click the OK button.

Once you complete the steps, the DNS queries will be sent encrypted to the resolver you specified.

These are just some examples, but you can choose from a lot of other services. GitHub has a long list of services that you can use.

Enabling DoH using Config settings

To enable DNS over HTTPS using the advanced config settings, use these steps:

  1. Open Firefox.

  2. Type the following path in the address bar and press Enter:

    about:config
  3. Click the I accept the risk button.

  4. Search for the network.trr.mode setting.

  5. Double-click the setting and change its value from 3 to 2.

    network.trr.mode on Firefox
    network.trr.mode on Firefox

    Quick note: Option 3 means TRR only mode, 2 means prioritize DoH, 1 means pick fastest protocol automatically, and 0 means disable the feature.

  6. Click the OK button.

  7. Search for the network.trr.uri setting.

  8. Double click the setting and change its value for the DNS over HTTPS service that you want to use.

    network.trr.uri setting on Firefox
    network.trr.uri setting on Firefox
  9. Click the OK button.

  10. (Optional) Search for network.trr.bootstrapAddress setting.

  11. Double-click the setting and change its value for the TCP/IP address of the resolver you specified on step No. 8.

    network.trr.bootStrapAddress setting on Firefox
    network.trr.bootStrapAddress setting on Firefox
  12. Click the OK button.

After you complete the steps, Firefox will transmit Domain Name System queries encrypted using the HTTPS protocol.