DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver.
DNS over HTTPS - Wikipedia
DNS Over HTTPS can be useful on Android if you want to use blocklists without the need for addons or extra software.
I previously wrote about Mozilla forcing Cloudflare DoH being a negative thing, mainly due to centralizing all requests to a single service.
Since then there has been an effort to create more options with more providers setting up services.
Picking a Server
Things to look for
The best list of public DoH services I could find is on the curl wiki.
There are many options with different features including malware blocking & cloud services that allow the use of custom blocklists.
DNS Over HTTPS only works on Firefox Nightly at the time of writing.
Nightly is an unstable testing and development platform.
The interface for setting DNS over HTTPS is not implemented in Firefox on Android.
Set these options in
- Type network.trr.mode
- Set Value to 3
- Type network.trr.custom_uri
- Set Value to provider uri (eg:
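Mode 3 makes Firefox use only the configured DoH resolver, with no fallback to the system resolver, so it is worth confirming that the provider answers and that its blocklist is active before relying on it. The following is an added example, not part of the original post: it builds the RFC 8484 GET URL a client sends to a DoH endpoint and classifies the wire-format reply. `PROVIDER_URI` is a placeholder, the sample responses are constructed rather than captured, and treating an NXDOMAIN or `0.0.0.0` answer as a blocklist hit is an assumption about how the chosen provider signals blocking.

```python
import base64
import struct

PROVIDER_URI = "https://doh.example.net/dns-query"  # placeholder, not a real provider

def build_query(name, qtype=1):
    """DNS wire-format query (type A by default); ID 0 as RFC 8484 advises."""
    header = struct.pack("!6H", 0, 0x0100, 1, 0, 0, 0)  # RD flag set, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!2H", qtype, 1)  # class IN

def doh_get_url(uri, name):
    """RFC 8484 GET form: the query, base64url-encoded with padding removed."""
    dns = base64.urlsafe_b64encode(build_query(name)).rstrip(b"=").decode()
    return f"{uri}?dns={dns}"

def _skip_name(msg, pos):  # advance past a possibly compressed domain name
    while True:
        n = msg[pos]
        if n & 0xC0 == 0xC0:  # compression pointer always ends the name
            return pos + 2
        if n == 0:
            return pos + 1
        pos += n + 1

def classify(msg):
    """Return (kind, IPv4 answers); kind is nxdomain, sinkhole, resolved or empty."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    if flags & 0x000F == 3:  # RCODE 3 = NXDOMAIN
        return "nxdomain", []
    pos = 12
    for _ in range(qd):
        pos = _skip_name(msg, pos) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        pos = _skip_name(msg, pos)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(".".join(map(str, msg[pos:pos + 4])))
        pos += rdlen
    kind = "empty" if not addrs else "sinkhole" if set(addrs) == {"0.0.0.0"} else "resolved"
    return kind, addrs

def make_response(name, ip=None, rcode=0):
    """Constructed sample response for offline testing (not captured traffic)."""
    hdr = struct.pack("!6H", 0, 0x8180 | rcode, 1, 1 if ip else 0, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes(map(int, ip.split("."))) if ip else b""
    return hdr + build_query(name)[12:] + rr
```

To test a real provider, fetch the URL from `doh_get_url` with an `Accept: application/dns-message` header and pass the response body to `classify`.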
Disable WebRTC
If you are using a VPN you may want to disable WebRTC to prevent your real IP being exposed.
- Type media.peerconnection.enabled
- Toggle to false
Disable Data Collection
By default, Firefox Nightly automatically sends data to Mozilla.
As Nightly is considered a development platform and sends data, you may want to disable data collection.
- Open Settings
- Go To Data collection
- Disable Options
  - Usage and technical data
  - Marketing data (mobile marketing vendor)
Check Settings Applied
Click the links below to check the settings have been successfully applied.