skip to main content
0
CookiePro Blog September 12, 2019

DNS-over-HTTPS (DoH) – A New Standard of Web Encryption

What is DNS-over-HTTPS (DoH)? 

Actually, first it might be good to have a refresher on DNS and HTTPS. The Domain Name System (DNS) was created in 1983 to connect numerical IP addresses (e.g. 8.8.8.8) to something more readable to humans (ex. www.cookiepro.com). Hypertext transfer protocol secure (HTTPS) is an internet protocol that sends data from a website to a web browser and encrypts the body of a webpage to protect against cyberattacks. 

DoH is a way of connecting the human readable domain name to their respective numerical IP address via the encrypted HTTPS protocol. Until now, all requests through DNS were done with zero encryption – that’s 36 years’ worth of requests that weren’t encrypted! 

Why it matters? 

The type of information sent through DNS mostly consists of the domain name, so it’s not necessarily a large swath of personally identifiable information, but it could be used for malicious purposes or by ISP’s to harvest information of how their customers are browsing the web. 

By introducing DoH, Firefox and Chrome are giving users the ability to hide their web browsing from even their internet service provider (ISP). This gives users more control on who has access to their browsing habits and provides an extra layer of anonymity and security.  

In theory, DoH should make the web safer and improve user privacy by encrypting DNS query traffic so that third parties cannot intervene and redirect them to phishing websites.  

The main critics of the move are ISP’s who are saying that by not having visibility to the unencrypted DNS, they will not be able provide parental controls or comply with legal obligations to block copyrighted information. However, Firefox has said they will automatically disable DoH if they detect parental controls on the network.  

How to enable it? 

Firefox 

Last week, Mozilla announced that Firefox is rolling out DoH by default to their US users beginning at the end of September as a monitored experiment. If you want to enable early, follow these steps: 

Step 1: Go to the Firefox menu > choose Tools > Preferences.  

Step 2: Go to the General section, scroll to the Network Settings panel, and press the Settings button. 

Step 3: In the popup, scroll and select “Enable DNS over HTTPS,” then configure your desired DoH resolver. You can use the built in Cloudflare resolver (a company with which Mozilla has reached an agreement to log less data about Firefox users), or use one of your choice, from this list.  

Chrome 

Right now, to enable DoH on Chrome you will use some command line methods using these instructions. However, Google announced that they will be releasing as a settings option in Chrome 78 being released at the end of October. Currently, here’s how to enable it for Windows:  

Step 1: Right click Chrome on your task bar > Google Chrome > Properties 

Step 2: Replace the text in the “target” box with the following code:  

chrome.exe –enable-features=”dns-over-https<DoHTrial” –force-fieldtrials=”DoHTrial/Group1″ –force-fieldtrial-params=”DoHTrial.Group1:server/https%3A%2F%2F1.1.1.1%2Fdns-query/method/POST 

Step 3: Restart Chrome and open it back up. To confirm it is set up correctly, visit 1.1.1.1/help and there should be a “Yes” beside “Using DNS over HTTPS”.  

While there are different opinions about DoH, it will be a popular topic of conversation in the cyber world for months to come.  

Recent Posts

DeveloperWeek 2020 Deep Dive
DeveloperWeek 2020 Deep Dive
Last week, CookiePro sponsored DeveloperWeek 2020, one of the largest developer conferences in the United States. Learn more about our time...
+ View Article
CookiePro Sponsors Orlando DrupalCamp
CookiePro Sponsors Orlando DrupalCamp
The CookiePro team is heading to Orlando for DrupalCamp! Visit our booth to learn about the different plugins we have available for Drupal...
+ View Article
CookiePro CMS Plugins & Modules
CookiePro CMS Plugins & Modules
CookiePro has plugins that integrate with WordPress and Drupal with additional plugins for Joomla, Magento, and more coming soon. Learn more...
+ View Article
Cross-Site Tracking Deep Dive
Cross-Site Tracking Deep Dive
Cross-Site Tracking is a trending topic lately. Let's dive into what you need to know about cross-site tracking.
+ View Article
popup close button