TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0

DNS over HTTPS : How to prevent Firefox from using it, instead of Technitium/DnsServer #84

Closed Fedora-Core closed 4 years ago

Fedora-Core commented 5 years ago

DNS over HTTPS : How to prevent Firefox from using it, instead of Technitium/DnsServer

Soon (fall 2019), Firefox will implement DNS-over-HTTPS at the application level!

This will shortcut the Technitium/DnsServer, right?

Please offer a solution soon.

Here is the URL from the Firefox KnowledgeBase:

https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https

Greetings, F.C.

ShreyasZare commented 5 years ago

Thanks for the feedback. Yes, I read that Firefox will be enabling DoH by default for US users initially. This will bypass any system-configured DNS, so it will bypass the Technitium DNS Server that you have configured on your computer or network.

The link you have posted does mention a canary domain that can be added to Technitium DNS Server, which will signal Firefox to not use DoH by default unless the user has explicitly enabled the DoH setting in Firefox.

If you want DoH to be disabled on your network by default, then you will need to block all the known/popular services that provide DoH. This can be tried by blocking the domain name of the service ('cloudflare-dns.com' for Cloudflare) or by blocking the IP address on your router. I need to do tests to confirm the correct way to block it.

ShreyasZare commented 4 years ago

Creating a 'use-application-dns.net' zone in Technitium DNS Server will block Firefox from using its default DoH config and will force it to use system DNS.
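
Added example (not part of the thread and not Technitium's code): a Python check that a resolver's reply for the canary zone carries the signal described in the linked Mozilla article, namely any response code other than NOERROR, or NOERROR with no A/AAAA record. `signals_no_doh`, `make_response` and `check_resolver` are hypothetical helper names, and the sample replies are constructed.

```python
import socket
import struct

CANARY = "use-application-dns.net"  # canary zone named in the thread
A, AAAA = 1, 28                     # DNS record type codes

def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def build_query(name, qtype, txid=0x1234):
    return struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, 1)

def skip_name(msg, off):
    # Walk labels up to the root label (1 byte) or a compression pointer (2 bytes).
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def signals_no_doh(response):
    """True if a reply to a canary query tells Firefox not to default to DoH."""
    _, flags, qd, an, _, _ = struct.unpack("!6H", response[:12])
    if flags & 0x000F:                       # any RCODE other than NOERROR
        return True
    off = 12
    for _ in range(qd):
        off = skip_name(response, off) + 4   # skip QTYPE + QCLASS
    for _ in range(an):
        off = skip_name(response, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", response[off:off + 10])
        if rtype in (A, AAAA):
            return False                     # canary resolved: DoH stays eligible
        off += 10 + rdlen
    return True                              # NOERROR but no A/AAAA record

def make_response(query, rcode, answers=()):
    # Constructed sample reply: echoes the question; answer names point back to it.
    msg = query[:2] + struct.pack("!5H", 0x8180 | rcode, 1, len(answers), 0, 0) + query[12:]
    for rtype, rdata in answers:
        msg += b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 60, len(rdata)) + rdata
    return msg

def check_resolver(server_ip, timeout=3.0):
    # Live check (hypothetical helper): both the A and AAAA query must carry the signal.
    ok = True
    for qtype in (A, AAAA):
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(CANARY, qtype), (server_ip, 53))
            ok = signals_no_doh(s.recvfrom(4096)[0]) and ok
    return ok
```

Calling `check_resolver` with the address of the DNS server that clients actually use returns `True` once the zone is in place; it reads only the UDP reply and does not handle truncated responses.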