DNS over HTTPS (DoH) is a security feature that encrypts your domain name requests, making it harder for others to see which websites you're accessing. This protects your browsing privacy and prevents DNS-based surveillance and attacks.
What is DNS over HTTPS?
DNS over HTTPS (DoH) is a security protocol that encrypts DNS queries using HTTPS, the same secure protocol used for web browsing. This prevents your DNS requests from being intercepted, monitored, or manipulated by network providers, hackers, or other third parties.
How It Works
- Encrypts DNS queries using HTTPS
- Prevents DNS request interception
- Protects browsing privacy
- Works with existing DNS infrastructure
- Maintains DNS functionality
Privacy Benefits
- Hides which websites you visit
- Prevents DNS-based tracking
- Protects against surveillance
- Blocks DNS manipulation
- Enhances overall privacy
Understanding DNS and Privacy
Traditional DNS queries are sent in plain text, making them vulnerable to surveillance and manipulation:
Traditional DNS (Insecure)
When you visit a website, your browser sends a plain text DNS query asking "What is the IP address for example.com?" This query can be easily intercepted and monitored by your internet service provider, network administrators, or anyone monitoring the network.
DNS over HTTPS (Secure)
With DoH, your DNS query is encrypted and sent through an HTTPS connection, making it impossible for others to see which websites you're trying to access. The query is protected just like your web browsing data.
Privacy Protection
DoH ensures that your browsing activity remains private, preventing DNS-based surveillance, tracking, and censorship while maintaining the same functionality as traditional DNS.
How DNS over HTTPS Works
The DNS over HTTPS process happens automatically and transparently:
Domain Request
When you type a website address or click a link, your browser needs to find the IP address for that domain name.
Encrypted Query
Instead of sending a plain text DNS query, Oasis encrypts the request and sends it through an HTTPS connection to a secure DNS provider.
Secure Response
The DNS provider responds with the IP address through the same encrypted connection, and your browser connects to the website.
Privacy and Security Benefits
Privacy Protection
- Hides your browsing activity from network providers
- Prevents DNS-based tracking and profiling
- Protects against surveillance and monitoring
- Blocks DNS-based censorship
- Maintains browsing anonymity
Security Enhancement
- Prevents DNS spoofing and manipulation
- Blocks DNS-based attacks
- Protects against DNS hijacking
- Prevents DNS cache poisoning
- Enhances overall network security
Performance Benefits
- Faster DNS resolution in some cases
- Reduced DNS query latency
- Better connection reliability
- Improved browsing experience
- Enhanced network efficiency
Enabling DNS over HTTPS
Follow these steps to enable and configure DNS over HTTPS:
Access Network Settings
Open Oasis settings and navigate to Privacy & Security. Look for "Network Settings" or "DNS over HTTPS" to access the feature.
Enable DNS over HTTPS
Find the option to "Enable DNS over HTTPS" and check the box to activate this privacy feature.
Choose DNS Provider
Select your preferred DNS provider from the available options, or use the default secure DNS provider.
Test Configuration
Visit websites to ensure DNS over HTTPS is working correctly and that your DNS queries are being encrypted.
DNS Provider Options
Default Providers
- Cloudflare: Fast, privacy-focused DNS with 1.1.1.1
- Google: Reliable DNS with 8.8.8.8
- Quad9: Security-focused DNS with 9.9.9.9
- OpenDNS: Cisco's DNS service with 208.67.222.222
Custom Providers
- Configure your own DNS over HTTPS provider
- Use enterprise or organizational DNS
- Set up family-friendly DNS filtering
- Choose region-specific providers
- Configure backup DNS providers
Configuration Options
Basic Settings
- Enable/disable DNS over HTTPS
- Choose DNS provider
- Set fallback behavior
- Configure timeout settings
- Enable automatic detection
Advanced Options
- Custom DNS provider URLs
- Configure multiple providers
- Set up provider priorities
- Configure caching settings
- Enable DNS logging
Common Use Cases
Privacy Protection
- Hide browsing activity from ISPs
- Prevent DNS-based tracking
- Protect against surveillance
- Maintain browsing anonymity
- Block DNS-based profiling
Security Enhancement
- Prevent DNS manipulation
- Block DNS-based attacks
- Protect against DNS hijacking
- Prevent DNS cache poisoning
- Enhance network security
Bypass Restrictions
- Circumvent DNS-based censorship
- Access blocked websites
- Bypass geographic restrictions
- Override network filtering
- Maintain access to content
Monitoring and Verification
Check DNS Status
- Verify DoH is enabled
- Check current DNS provider
- Monitor DNS query encryption
- Test DNS resolution speed
- Verify privacy protection
Privacy Verification
- Use DNS leak testing tools
- Check for DNS query exposure
- Monitor network traffic
- Verify encryption status
- Test privacy protection
Troubleshooting
Common Issues
- DNS over HTTPS not working
- Slow DNS resolution
- Connection failures
- DNS provider issues
- Compatibility problems
Solutions
- Check DoH settings and configuration
- Try different DNS providers
- Update browser to latest version
- Clear browser cache and cookies
- Contact network administrator
Best Practices
Privacy Recommendations
- Always enable DNS over HTTPS
- Choose privacy-focused DNS providers
- Regularly test for DNS leaks
- Monitor DNS query encryption
- Use multiple DNS providers
Security Guidelines
- Verify DNS provider security
- Use trusted DNS providers
- Enable DNS security features
- Monitor for DNS attacks
- Keep browser updated
What to Expect
When using DNS over HTTPS, you may experience:
Privacy Benefits
- Enhanced browsing privacy
- Protection from DNS surveillance
- Reduced tracking and profiling
- Better anonymity online
- Freedom from DNS censorship
User Experience
- Seamless DNS encryption
- Potentially faster DNS resolution
- Improved connection reliability
- Better overall privacy
- Enhanced security posture
Technical Details
DNS over HTTPS uses advanced encryption and networking technologies:
How DNS over HTTPS Works
- Encrypted Queries: DNS requests are encrypted using HTTPS/TLS protocols
- Secure Transport: Queries travel through encrypted HTTPS connections
- Privacy Protection: DNS queries are hidden from network surveillance
- Standard Compliance: Follows RFC 8484 DNS over HTTPS standard
- Backward Compatibility: Falls back to traditional DNS when needed
Since Oasis is built on Firefox core technology, DNS over HTTPS provides the same robust privacy protection with enhanced DNS security and seamless user experience.
Need Help with Oasis Browser?
Join our Discord community to get support, ask questions, and connect with other Oasis users and the Kahana team.
Related Documentation
Multi-Account Containers: Complete Guide
Learn how to use Mozilla's Multi-Account Containers extension to separate your browsing experience into different color-coded tabs for better privacy and organization.
Default Protection
Learn how Oasis automatically decides when to use secure DNS to protect your privacy, including local provider preferences and fallback mechanisms for optimal privacy and performance.
Understanding DRM Content in Browsers
Learn about Digital Rights Management (DRM) content in browsers, how it works, and how to manage DRM settings for video and audio playback.
About the Author
I'm the CTO of Kahana, bringing a unique perspective from my management consulting experience at Clarkston Consulting and biomedical engineering background from Duke University. I'm focused on making the future of work more ergonomic through innovative technology solutions that prioritize user well-being and productivity.