Mozilla is enabling encrypted DNS-over-HTTPS (DoH) by default for US Firefox users

Firefox users in the US will soon have DNS-over-HTTPS (DoH) enabled by default. Mozilla is in the process of rolling out the privacy- and security-focused feature after an intensive period of testing.

DoH is an option for anyone outside of the US, but it will have to be manually enabled. Once enabled, DNS lookups are routed through Cloudflare or NextDNS using an encrypted HTTPS connection, hiding it from third parties such as your ISP.

See also:

• Google helps devs speed up Firefox with open source Lighthouse extension
• Microsoft uses Start menu ads to promote its Edge browser
• Firefox 72 will let users delete data the browser collects about them

Mozilla's Selena Deckelmann says: "Today, we know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives. We do this by performing DNS lookups in an encrypted HTTPS connection. This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit".

But while the aim of DoH is to protect users against surveillance and traffic interception, there have been fears that implementing the feature will make it harder for authorities to monitor terrorist content and other illegal material.

Mozilla says of DoH:

We're enabling DoH by default only in the US. If you're outside of the US and would like to enable DoH, you're welcome to do so by going to Settings, then General, then scroll down to Networking Settings and click the Settings button on the right. Here you can enable DNS over HTTPS by clicking, and a checkbox will appear. By default, this change will send your encrypted DNS requests to Cloudflare.

The company goes on to explain:

Users have the option to choose between two providers -- Cloudflare and NextDNS -- both of which are trusted resolvers. Go to Settings, then General, then scroll down to Network Settings and click the Settings button on the right. From there, go to Enable DNS over HTTPS, then use the pull down menu to select the provider as your resolver.

The feature will be enabled in the US over the coming weeks, and Mozilla says it is exploring the possibility of doing so in other parts of the world as well. You can read more about DoH in an explanatory post from the Firefox-maker.