DNS Over HTTPS: Facts You Should Know

by ITECHNEWS
June 14, 2022
in Leading Stories, Opinion

A new protocol, DNS over HTTPS (DoH), is a sensation in modern times, designed for enterprise security products and policies. A combination of DNS protocol and HTTPS protocol, DoH affects businesses, organisations, and regular users. DNS over HTTPS is used to enhance the security of network communication.

What is DNS over HTTPS (DoH)?

 

In the late 1980s, the Internet Engineering Task Force (IETF) proposed the concept of DNS Over HTTPS because of the rise in malicious attacks on networks. Earlier, DNS queries between the web application and the servers of the DNS were done in plain text using the settings given by the network provider or ISP (Internet Service Provider).

 

DoH sends DNS queries disguised as regular HTTPS traffic, but to special servers that support DoH. A server that supports DoH is called a DoH resolver. Both the DNS request and the response to that request are encrypted to keep the users’ privacy secured.

 

DoH is a network protocol used to exchange domain name server information in encrypted form over HTTPS traffic. It uses Hypertext Transfer Protocol Secure (HTTPS) to encrypt DNS traffic by passing the DNS queries through it, which hides the DNS query and improves online privacy.
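The request and response described above, as an added example that is not part of the original article: it builds the DNS message a DoH client sends, encodes it into the RFC 8484 GET form, and parses a reply body. The endpoint `https://doh.example/dns-query` is a hypothetical resolver URL and the response bytes are constructed.

```python
import base64
import ipaddress
import struct

DOH_ENDPOINT = "https://doh.example/dns-query"  # hypothetical resolver URL (assumption)

def build_query(name: str, qtype: int = 1) -> bytes:
    """DNS wire-format query. ID is 0, which RFC 8484 recommends for HTTP caching."""
    header = struct.pack("!6H", 0, 0x0100, 1, 0, 0, 0)  # RD flag set, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!2H", qtype, 1)  # QCLASS 1 = IN

def doh_get_url(query: bytes, endpoint: str = DOH_ENDPOINT) -> str:
    """RFC 8484 GET form: the message is base64url-encoded without padding."""
    param = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={param}"

def decode_dns_param(url: str) -> bytes:
    """What a TLS-inspecting proxy would recover from the request line."""
    param = url.split("?dns=", 1)[1]
    return base64.urlsafe_b64decode(param + "=" * (-len(param) % 4))

def read_name(msg: bytes, off: int):
    """Return (name, offset after the name), following compression pointers."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:              # 2-byte pointer to an earlier name
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
            continue
        off += 1
        if length == 0:
            return ".".join(labels), (off if end is None else end)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

def parse_a_answers(msg: bytes):
    """Extract (name, ttl, address) for every A record in the answer section."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):                         # skip the echoed question(s)
        _, off = read_name(msg, off)
        off += 4
    out = []
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            out.append((name, ttl, str(ipaddress.IPv4Address(msg[off:off + 4]))))
        off += rdlen
    return out

# Constructed response body (application/dns-message) for xyz.com -> 192.0.2.10.
SAMPLE_RESPONSE = (struct.pack("!6H", 0, 0x8180, 1, 1, 0, 0) + build_query("xyz.com")[12:]
                   + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))
```

On the wire the URL and body sit inside the TLS session, so a passive observer sees only a connection to the resolver on port 443.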

 

Popular DoH clients include Google Chrome, Mozilla Firefox and Microsoft Edge. They support DoH and deploy it to protect users’ data and privacy.

How does DNS over HTTPS work?

 

Before diving further into the working of DNS over HTTPS, let’s take a look at the mechanism of traditional DNS.

 

All websites are hosted on web servers, and every web server has its own assigned IP address. In order to access a website, first, we need to access its IP addresses. Here comes the role of DNS servers. For instance, the server converts the hostname, https://xyz.com, into its corresponding IP address.

 

Whenever any user enters a website or hostname into the web browsers, that HTTP request is sent to the DNS resolver. If the DNS resolver is unaware of the entered hostname, that DNS request is passed to the root name servers. The root name servers handle the leading domains like .com, .org and .edu. The notable DNS servers’ address is sent by the root servers back to the DNS resolver.

 

Now, the top-level domain servers receive the request sent by the resolver. The top-level domain server returns the IP address of the DNS server that handles the requested domain after receiving the request of the resolver. Now the resolver again sends the request to that IP address of the DNS server. In this way, a DNS server dispatches the IP address of a website or a hostname that the user is trying to access.

 

Following this, the browser can submit an HTTP or HTTPS request to that IP address, allowing the user to access the requested website. Although caching can help speed up this procedure in some cases, this is the core of how traditional DNS works.

 

Differences Between DoH And DNS

 

DNS over HTTPS (DoH) works the same as DNS. However, there are two main differences between DNS over HTTPS and DNS.

 

One of the major differences is that DNS requests are now encrypted within the HTTPS protocol session instead of using HTTP as in the past. These DNS requests are sent over port 443 just like the normal HTTPS web traffic. The web browsers and the servers (DNS) must support DNS over HTTPS for the proper working of DoH.

 

The other major difference between DNS and DoH servers is that DoH tries to keep the amount of data transmitted during DNS queries to a minimum. Instead of sending the full domain name that a user’s browser is trying to resolve, it sends only the portion of the domain name necessary to execute the current step successfully. Let’s illustrate this with an example. Suppose a browser is trying to access https://xyz.com; the DoH server does not need to know the entire domain name, it only needs to know that it is a .com domain address.

 

Standard DNS vs DNS over HTTPS

 

If any traffic filtering solution is not used, standard DNS communications are more likely to be vulnerable to man-in-the-middle attacks (MITM). This happens because the communication occurs via plain text.

 

As we all know, privacy is the most vital concern in present times, and that is where the DoH protocol came in to improve the privacy factor by encrypting DNS. Being a superior protocol, a DoH enabled setting offers better prevention from man-in-the-middle attacks.

 

Once enabled, no one can see the DNS requests between the browser and the DNS servers, thus securing the users’ privacy.

 

DNS over HTTPS (DoH) vs DNS over TLS (DoT)

 

Both DoH (DNS over HTTPS) and DoT (DNS over TLS) are used for the same purpose, which is for encrypting DNS communications.

 

In DNS over HTTPS, the encrypted DNS traffic is not completely invisible to the network admins, which could be an issue. Whereas, in DNS over TLS, the network administrators cannot even see the encrypted DNS traffic.

 

Another significant difference between the DNS over HTTPS and DNS over TLS is that DoH uses port 443, whereas DoT uses its own TLS dedicated port 853. All the HTTPS communications are done on port 443.

 

DoH on Web browsers

 

Most well-known browsers use DNS over HTTPS to provide better privacy to their users. Let’s see how to enable this DNS over HTTPS or DoH to keep the DNS traffic encrypted. No one can see the DNS data thanks to the encrypted DNS traffic. Some of the most popular browsers supporting DoH are Chrome (Google), Mozilla, Edge, and Brave. Next up, we will demonstrate the steps to enable DoH support on each of the browsers.

 

 

Google Chrome

 

How to enable DNS over HTTPS on Chrome?

 

  • First, open your Google Chrome browser.
  • Click on the triple dot present in the upper right corner of the browser.
  • Open settings
  • Now go to Security and Privacy
  • Click on Security
  • Now scroll down and enable the use of secure DNS.

 

This way, DNS over HTTPS can be enabled in Chrome for the privacy of users.

 

Mozilla Firefox

 

How to enable DNS over HTTPS on Mozilla Firefox?

 

  • First, open your Mozilla Firefox browser.
  • Click on the triple dot present in the upper right corner of the browser.
  • Click on Settings.
  • Go to General Settings.
  • Now scroll down and go to Network Settings.
  • Click on Settings.
  • Now scroll down and enable DNS over HTTPS.

 

Microsoft Edge

 

How to enable DNS over HTTPS on Microsoft Edge?

 

  • First, open your Microsoft Edge application.
  • Click on the triple dot present in the upper right corner.
  • Click on Settings.
  • Go to Privacy.
  • Scroll down and go to security.
  • Now enable the use secure DNS option present.
  • Now choose your preferred DNS providers. For example, you can choose Cloudflare (1.1.1.1).

 

Brave

 

How to enable DNS over HTTPS on Brave?

 

  • Open your Brave application.
  • Go to settings.
  • Click on the menu and scroll down.
  • Click on Additional Settings present on the left side of the menu.
  • Go to Privacy and Security.
  • Click on Security.
  • Now enable the DoH option present there.

 

To choose a custom DNS provider, for example, Cloudflare, click on With Custom option and click on the drop-down menu to choose DNS providers. Click on Cloudflare (1.1.1.1).

 

This way, you can enable DoH and choose your own DNS providers.

How to check if a browser is configured with DoH or not?

 

You can check whether your browser application is properly configured or integrated with DoH by following these simple steps:-

 

  • Open the browser you want to check whether that is configured.
  • Type https://1.1.1.1/help in the URL bar of the application.
  • Now, make sure Using DNS Over HTTPS (DoH) is yes.

 

If your application is showing Using DNS Over HTTPS (DoH) no, follow the steps mentioned above in this blog post.

How to enable DNS over HTTPS in Windows 10 settings?

 

With malicious websites scouring the internet and gaining access to file systems, enabling DoH protocols on the internet menu cannot be seen as the only safe way. We need to look beyond the internet menu to secure user privacy. Enabling DoH on your operating systems is one such way. This will allow all users and applications to avail of this benefit across all browsers without the need to integrate it separately. Windows 10 being one of the more popular operating systems, we have demonstrated the steps to enable DoH in Windows 10. Follow these steps:-

 

  • Open the settings in your machine having the operating system as Windows 10.
  • Now go to Network and Internet menu.
  • Click on settings and find Network Status and then open it.
  • Click the desired internet connection and open the properties of that network.
  • Go for the IP Settings and edit that setting.
  • Go for the manual selection, and enable IPv4.
  • Now enter the IP address of your favoured DNS and alternate DNS.

 

Here are some of the DoH providers that Windows 10 currently supports:-

 

Cloudflare:- Primary IP- 1.1.1.1, Alternate IP- 1.0.0.1

 

Google:- Primary IP- 8.8.8.8, Alternate IP- 8.8.4.4

 

Quad9:- Primary IP- 9.9.9.9, Alternate IP- 149.112.112.112

 

For the encryption setting of both the primary and alternate DNS, select Encrypted only. If you want to configure IPv6, follow the same steps mentioned above for IPv4.

 

IPV6 IP Addresses

 

For IPV6, you can use these Primary and Secondary IP addresses that are supported on Windows 10:-

 

  • Google:- Primary IP – 2001:4860:4860::8888, Secondary IP – 2001:4860:4860::8844
  • Cloudflare:- Primary IP – 2606:4700:4700::1111, Secondary IP – 2606:4700:4700::1001
  • Quad9:- Primary IP – 2620:fe::fe, Secondary IP – 2620:fe::fe:9

 

How to enable DOH in the Windows 10 Registry?

 

In Windows 10, enabling DoH can be done in two ways: first via the Windows 10 settings, and second via the Windows 10 registry. Let’s see how we can use the Windows 10 registry to enable DoH in Windows 10.

 

Following are the steps that can be used to enable DoH:-

 

  • Open Registry Editor on your machine.
  • Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters.
  • Create a DWORD named “EnableAutoDoh” with a value of 2.
  • Now restart your Windows 10 machine.

 

Right now, Windows 10 supports three DoH providers. Therefore, after restarting the machine, you need to edit the Primary IP address and Alternate IP address. The three DNS providers available:- Google, Cloudflare and Quad9. Primary and Alternate IP addresses are already mentioned above; you can use those.

 

Now you can change the present entries in your network adapter’s Internet Protocol Version 4 (TCP/IPv4) with one of the three DoH providers mentioned and supported by Windows 10. If necessary, repeat the process for IPv6.

 

Benefits of DNS over HTTPS (DoH) over DNS servers

 

The benefits of using DNS over HTTPS are many. One of the most important benefits of using DNS over HTTPS is that the DoH hides the users’ online activities by encrypting the DNS Name resolution traffic. In order to resolve a domain into an IP address, a typical DNS query is required to convert the entered domain name in the web browser.

 

Unless the DNS server is located on the local network, the request regarding the resolution of the name should pass through the ISP network (Internet Service Provider) along with all the routers present between the ISP and the Domain Name System servers. These name resolution requests can be seen by the ISP easily. By monitoring the DNS requests regarding the name resolution, Internet Service Providers can easily see which site a user is visiting and much more.

 

Here comes the role of DNS over HTTPS (DoH). DNS over HTTPS hides the name resolution request not just from the ISP but from everyone as well. This way, DNS over HTTPS (DoH) shields the users.

 

It also prevents attacks, including Man-in-the-Middle attacks (MITM) and spoofing, because the communication between the DNS servers and the web browsers is totally encrypted. Therefore, no one can manipulate the name resolution request and make the user’s browser visit malicious websites.

 

Additional Benefits Of DoH

 

Enlisted here are some of the added benefits you will enjoy after switching to DoH from regular DNS.

 

  • Your organisation’s data privacy and security can be improved if you enable DoH properly.
  • The compatibility of the DNS traffic filter and DoH can be tested out.
  • You have the opportunity to test how DoH will connect with your networks ahead of time and address any issues that may emerge before the DoH protocol becomes the standard.
  • Your input could help all software companies improve their products, which would benefit you in the long run.

 

Limitations of DNS over HTTPS

 

  • False-negative security flags and blocked queries can be generated if the system administrator is unfamiliar with DoH or similar protocols.
  • The DNS over HTTPS will be totally ineffective if the DNS traffic filtering solution does not work properly or integrate with DoH.
  • It overcomes any DNS filtering your network employs in order to offer security and network information.
  • It offers a unique experience in comparison to web browsing and the rest of your computer and network. You could have certain DNS packets travelling to one recursive server and others going through your network settings, resulting in a varied experience from your browser to the rest of your network.
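For administrators who need to see where DoH or DoT sidesteps the network's DNS filtering, the following added example (not from the original article) flags clients whose connections go to the public resolver addresses listed on this page. The internal resolver `10.0.0.53`, the log layout and the flow records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Public resolver addresses listed on this page (Cloudflare, Google, Quad9).
PUBLIC_RESOLVERS = {ipaddress.ip_address(a) for a in (
    "1.1.1.1", "1.0.0.1", "8.8.8.8", "8.8.4.4", "9.9.9.9", "149.112.112.112",
    "2001:4860:4860::8888", "2001:4860:4860::8844",
    "2606:4700:4700::1111", "2606:4700:4700::1001",
    "2620:fe::fe", "2620:fe::fe:9",
)}
INTERNAL_RESOLVER = ipaddress.ip_address("10.0.0.53")  # assumed filtering resolver

# Constructed flow records: client, destination IP, destination port, protocol.
SAMPLE_FLOWS = """\
10.0.1.15 10.0.0.53 53 udp
10.0.1.15 203.0.113.80 443 tcp
10.0.1.22 1.1.1.1 443 tcp
10.0.1.22 203.0.113.80 443 tcp
10.0.1.30 9.9.9.9 853 tcp
10.0.1.41 8.8.8.8 53 udp
10.0.1.52 2606:4700:4700:0:0:0:0:1111 443 tcp
"""

def classify(dst, port):
    """Label one flow by how it carries (or may carry) DNS."""
    if port == 853:
        return "dot"                       # DoT has its own dedicated port
    if port == 443 and dst in PUBLIC_RESOLVERS:
        return "doh-likely"                # heuristic: these IPs also serve web pages
    if port == 53:
        return "dns-internal" if dst == INTERNAL_RESOLVER else "dns-external"
    return "other"

def parse_flows(text):
    """Yield (client, destination address, port) from whitespace-separated records."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue                       # skip malformed lines
        client, dst, port, _proto = fields
        # ip_address() normalises IPv6 spellings, so expanded forms still match.
        yield client, ipaddress.ip_address(dst), int(port)

def clients_bypassing_filter(text):
    """Map each client to the ways it resolved names outside the internal resolver."""
    seen = defaultdict(set)
    for client, dst, port in parse_flows(text):
        seen[client].add(classify(dst, port))
    bypass = {"dot", "doh-likely", "dns-external"}
    return {c: sorted(kinds & bypass) for c, kinds in seen.items() if kinds & bypass}
```

A resolver list like this only covers providers you already know about, so treat a clean result as "no known bypass", not proof that none exists.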

 

Is DoH really slower?

 

With DoH, we pay for security and privacy with slower speed. This happens because there is a lot of HTTPS or web traffic that needs to be encrypted and decrypted. Therefore, it commonly takes longer than unencrypted communication.

 

DoH takes the longest to load any page among all other DNS encrypting protocols. But still, the difference between encrypted and unencrypted load times is quite slim.

 

How to quicken the encrypted DNS?

 

With privacy and online activity being under the scanner, developers constantly look for newer technologies to safeguard user interest. DoH indeed affects the connection speed negatively, meaning encrypted DNS traffic is visibly slower. However, it is not the case for all the DNS protocols.

 

Another variant of encrypted DNS present is DNS over TLS or Transport Layer Security (DoT). DoT is the latest variation of SSL (Secure Socket Layer).

 

DoH and DoT are almost the same, with minor differences. They perform the same function of encrypting the DNS traffic and keeping the DNS secure and our communication private. The main difference here is the amount of time. DoT performs encryption and decryption faster than DoH. A recent study has found that the performance of DoT, DoH, and unencrypted DNS varies depending on the client and that no protocol excels in all situations.

Conclusion

 

The DoH protocol is still in its early stages, with cyber security products constantly evolving. However, it has to be accepted that the DNS era might be breathing its last any day now. With relentless exploration of DoH queries and DoH traffic, enterprise policies may soon bank upon it for added security.

Source: Editor
Via: Security Boulevard