Firefox rolls out encrypted DNS over HTTPS by default

(Image credit: Shutterstock)

In an effort to further protect the privacy of its users online, Firefox has begun rolling out encrypted DNS over HTTPS (DoH) by default for US-based users.

The rollout will continue over the course of the next few weeks as Mozilla works to confirm that no major issues are discovered as US Firefox users begin to use the new protocol.

A little over two years ago, the company began working to help update and secure one of the oldest parts of the internet, the Domain Name System (DNS). DNS links web addresses to IP addresses and when browsers need to perform a DNS lookup, unfortunately they have to do so without encryption.

In a blog post, former principal engineer at Mozilla, Patrick McManus explained why DNS lookups can jeopardize your privacy online, saying:

“DNS hails from the days of a kinder, more gentle Internet where it was normal to make this kind of query using unencrypted protocols and send them to any nearby server who claimed to be able to answer it. This approach is no longer a fit for the modern Internet.  Because there is no encryption, other devices along the way might collect (or even block or change) this data too.  DNS lookups are sent to servers that can spy on your website browsing history without either informing you or publishing a policy about what they do with that information.”

DNS over HTTPS

Given that now we know that unecrypted DNS is not only vulnerable to spying but is also being exploited by cybercriminals, Mozilla is working to help the internet make the shift to more secure alternatives.

The Firefox maker is now performing DNS lookups in an encrypted HTTPS connection to help hide your browsing history from attackers as well as to prevent data collection by third parties. Since Mozilla's work on DoH began, many other browsers have followed suit by announcing their own plans to support DoH.

At this time, DoH by default is being enabled by Firefox only in the US. However, if you're outside of the US and would like to enable DoH, you can do so by going to Firefox's network settings. By default, this change will send your encrypted DNS requests to Cloudflare but you also have the option to choose to use NextDNS instead.

Mozilla plans to enable DoH in other regions and the company is also working to add more DNS providers as trusted resolvers to its program.

  • Also check out our complete list of the best VPN services
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
person at a computer
Many workers are overconfident at spotting phishing attacks
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Latest in News
A man getting angry with his laptop.
Windows 11 bug deletes Copilot from the OS – is this the first glitch ever some users will be happy to encounter?
Huawei Watch Fit 3
The Huawei Watch 3 is a decent Apple Watch alternative, and its successor could be close at hand
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung's latest software upgrade could mean Galaxy phones beat iPhones for gaming – but you can't get it yet
God of War 20th Anniversary Graphic.
Sony has unveiled some goodies to celebrate God of War’s 20th anniversary, but it's not the remaster I was hoping for
person at a computer
Many workers are overconfident at spotting phishing attacks
Apple iPhone 16 Plus Review
The iPhone 17 Air could have an affordable price, and better battery life than you might have expected