Starting today, Mozilla is activating the DNS-over-HTTPS security feature by default for all Firefox users in the U.S. by automatically changing their DNS server configuration in the settings.
That means, from now onwards, Firefox will send all your DNS queries to the Cloudflare DNS servers instead of the default DNS servers set by your operating system, router, or network provider.
As you may know, DNS-over-HTTPS (DoH) protocol performs DNS lookups — i.e., finding the server I.P. address of a certain domain name — over an encrypted connection to a DNS server rather than sending queries in the plaintext.
This privacy-focused technology makes it harder for man-in-the-middle attackers, including your ISPs, to manipulate DNS queries, eavesdrop on your Internet connection, or learning what sites you visit.
"This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit," the company said.
However, the way Mozilla implemented DNS-over-HTTPS in the Firefox web browser also received criticism over in past few months over favoring Cloudflare and instead of trying to upgrade to an encrypted DoH server operated by the user's existing DNS provider.
On the other hand, Google took care of this privacy issue while announcing DNS over HTTPS feature in its Chrome web browser late last year, which automatically upgrades DNS settings to the equivalent DoH service from the same provider if it's DoH-compatible.
However, any Firefox user, outside the U.S. or US-based, can also manually turn on this feature from Firefox settings and can change the default DNS server to NextDNS or any other encrypted-DNS service by manually entering the address.
Zero Trust + Deception: Learn How to Outsmart Attackers!
Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!Save My Seat!
"Users have the option to choose between two providers — Cloudflare and NextDNS — both of which are trusted resolvers."
To do that, go to Firefox Settings > Preferences > General > scroll down to Network Settings > click Settings > then click Enable DNS over HTTPS.
"We continue to explore enabling DoH in other regions and are working on adding more providers as trusted resolvers to our program. DoH is just one of the many privacy protections you can expect to see from us in 2020."
Anyway, Mozilla has now become the first browser to push DNS-over-HTTPS by default, and the company has plans to gradually roll it to the rest of the Firefox users in other countries in the next few months.