Mozilla Rolls Out Encrypted DNS over HTTPS by Default in the US

Mozilla Rolls Out Encrypted DNS over HTTPs by Default in the US

This week Mozilla started rolling out encrypted DNS over HTTPS (DoH) by default for all its US Firefox users. This new standard enhances users’ privacy and security online, but not everyone is pleased.

What is DoH?

DNS stands for Domain Name System, which essentially is the phonebook of the internet. The DNS holds records of domain names, e.g. or, and their associated IP addresses.

When users wish to visit a website, they search for the website using the domain name. Web browsers such as Firefox or Chrome, however, use Internet Protocol (IP) addresses to interact with each other. That’s where the DNS comes in. It translates the domain names entered by users to IP addresses so that browsers can load the requested website.

The problem is that website requests going between users’ browsers and DNS servers are not encrypted. This means that others can see what websites users are visiting and even intercept website requests using man-in-the-middle attacks. These attacks intercept the users’ website requests, manipulate them and then redirect users to malicious websites.

The Benefits

DoH encrypts DNS data to protect users’ privacy and security by preventing eavesdropping and man-in-the-middle attacks. DoH is a new standard that uses the encrypted HTTPS communication protocol for traffic between users’ browsers and DNS servers.

As well as improving security, it is hoped that DoH will also reduce the time it takes DNS servers to find the IP address that corresponds to the user requested domain name.

Criticisms of DoH

Despite the promises of better security and more privacy for users online, DoH has faced a lot of criticism from lawmakers and security experts. They say that DoH hinders legitimate attempts to block dangerous web content, such as terrorist and child abuse related content.

Furthermore, although it is much harder for others to eavesdrop or intercept DNS data with DoH enabled, users’ website requests will still be visible to DNS providers. To counter this issue, Mozilla offers a choice of two trusted DNS providers, Cloudflare and NextDNS. Firefox uses Cloudflare as the default DNS provider.

DoH by Default Only in the US

Due to the criticism Mozilla faced when it announced it would roll out DoH by default to all its worldwide Firefox users, Mozilla has decided to roll it out by default only in the US. Users of Firefox outside the US need to opt-in if they wish to use the feature.

While Firefox is the first browser to start rolling out DoH by default, other browsers such as Google Chrome, Edge Chromium and Brave also support the feature. However, with these browsers, users need to opt-in to the feature if they wish to use it.

Information technology expert
Grace is an information technology expert who joined the VPNoverview team in 2019, writing cybersecurity and internet privacy-based news articles. Due to her IT background in legal firms, these subjects have always been of great interest to her.