skip to main content
CookiePro Blog September 12, 2019

DNS-over-HTTPS (DoH) – A New Standard of Web Encryption

What is DNS-over-HTTPS (DoH)? 

Actually, first it might be good to have a refresher on DNS and HTTPS. The Domain Name System (DNS) was created in 1983 to connect numerical IP addresses (e.g. 8.8.8.8) to something more readable to humans (ex. www.cookiepro.com). Hypertext transfer protocol secure (HTTPS) is an internet protocol that sends data from a website to a web browser and encrypts the body of a webpage to protect against cyberattacks. 

DoH is a way of connecting the human readable domain name to their respective numerical IP address via the encrypted HTTPS protocol. Until now, all requests through DNS were done with zero encryption – that’s 36 years’ worth of requests that weren’t encrypted! 

Why it matters? 

The type of information sent through DNS mostly consists of the domain name, so it’s not necessarily a large swath of personally identifiable information, but it could be used for malicious purposes or by ISP’s to harvest information of how their customers are browsing the web. 

By introducing DoH, Firefox and Chrome are giving users the ability to hide their web browsing from even their internet service provider (ISP). This gives users more control on who has access to their browsing habits and provides an extra layer of anonymity and security.  

In theory, DoH should make the web safer and improve user privacy by encrypting DNS query traffic so that third parties cannot intervene and redirect them to phishing websites.  

The main critics of the move are ISP’s who are saying that by not having visibility to the unencrypted DNS, they will not be able provide parental controls or comply with legal obligations to block copyrighted information. However, Firefox has said they will automatically disable DoH if they detect parental controls on the network.  

How to enable it? 

Firefox 

Last week, Mozilla announced that Firefox is rolling out DoH by default to their US users beginning at the end of September as a monitored experiment. If you want to enable early, follow these steps: 

Step 1: Go to the Firefox menu > choose Tools > Preferences.  

Step 2: Go to the General section, scroll to the Network Settings panel, and press the Settings button. 

Step 3: In the popup, scroll and select “Enable DNS over HTTPS,” then configure your desired DoH resolver. You can use the built in Cloudflare resolver (a company with which Mozilla has reached an agreement to log less data about Firefox users), or use one of your choice, from this list.  

Chrome 

Right now, to enable DoH on Chrome you will use some command line methods using these instructions. However, Google announced that they will be releasing as a settings option in Chrome 78 being released at the end of October. Currently, here’s how to enable it for Windows:  

Step 1: Right click Chrome on your task bar > Google Chrome > Properties 

Step 2: Replace the text in the “target” box with the following code:  

chrome.exe –enable-features=”dns-over-https<DoHTrial” –force-fieldtrials=”DoHTrial/Group1″ –force-fieldtrial-params=”DoHTrial.Group1:server/https%3A%2F%2F1.1.1.1%2Fdns-query/method/POST 

Step 3: Restart Chrome and open it back up. To confirm it is set up correctly, visit 1.1.1.1/help and there should be a “Yes” beside “Using DNS over HTTPS”.  

While there are different opinions about DoH, it will be a popular topic of conversation in the cyber world for months to come.  

Recent Posts

[WEBINAR] Prepare for CCPA with CookiePro
[WEBINAR] Prepare for CCPA with CookiePro
Join the CookiePro team for a CCPA preparation webinar on Friday, November 22 at 11:30 pm.
+ View Article
CCPA Compliance Checklist: 8-Week Countdown
CCPA Compliance Checklist: 8-Week Countdown
Learn about #3 off of our CCPA Compliance Checklist which focuses on the consumer right called the Right to Inform.
+ View Article
Mobile-Responsive Consent Management is Key
Mobile-Responsive Consent Management is Key
With the increase of web browsing on mobile devices and tablets, it's important to partner with a consent management tool that provides...
+ View Article
CookiePro Sponsors Seattle WordPress WordCamp
CookiePro Sponsors Seattle WordPress WordCamp
CookiePro is heading to Seattle to participate in the WordPress WordCamp Seattle to connect with WordPress enthusiasts from around the...
+ View Article