No matter how much effort we put into avoiding being tracked on the internet, there is one thing that seems tough to avoid: ISP tracking. Since no law stops ISPs from monitoring, it comes as no surprise that they are doing it. However, there is a solution if you want to stop them. In this post, we will show how you can enable DNS over HTTPS to stop ISP tracking.
What is DNS over HTTPS
When you type a website address in your browser, it locates the IP address using a DNS service. This DNS service, unless configured otherwise, is offered by your ISP. It means they know where you are going and what you are doing, making it a lot easier to track you and build a profile.
The privacy solution that can stop this is called DNS over HTTPS (DoH). It performs DNS resolution via HTTPS, using the same standard of encryption. The encryption keeps man-in-the-middle attacks at bay. Another benefit is improved performance. Google and the Mozilla Foundation have been testing versions of DNS over HTTPS since last year.
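To make "DNS resolution via HTTPS" concrete, the sketch below is an added example (not code from Firefox, Chrome or any DoH provider) that builds the DNS query message and wraps it in the two request forms defined by RFC 8484: POST, the method selected by the Chrome parameters later on this page, and GET. The function names are illustrative, nothing is sent over the network, and the server URL is the Google one quoted later in this post.

```python
import base64
import struct

DOH_MEDIA_TYPE = "application/dns-message"  # media type defined by RFC 8484


def build_query(name, qtype=1, query_id=0):
    """Return a DNS wire-format query (RFC 1035) for name; qtype 1 is an A record.

    RFC 8484 recommends a query ID of 0 so identical queries cache well.
    """
    labels = name.rstrip(".").encode("ascii").split(b".")
    if any(not 1 <= len(label) <= 63 for label in labels):
        raise ValueError("each label must be 1 to 63 bytes long")
    qname = b"".join(bytes([len(label)]) + label for label in labels) + b"\x00"
    if len(qname) > 255:
        raise ValueError("encoded name exceeds 255 bytes")
    # Header: ID, flags (recursion desired), 1 question, no other records.
    header = struct.pack("!HHHHHH", query_id, 0x0100, 1, 0, 0, 0)
    return header + qname + struct.pack("!HH", qtype, 1)  # class 1 = IN


def _require_https(server):
    # DoH is only defined over HTTPS; refuse anything an on-path observer could read.
    if not server.startswith("https://"):
        raise ValueError("DoH server must be an https:// URL")


def doh_post_request(server, name):
    """POST form: the raw DNS message is the HTTP request body."""
    _require_https(server)
    body = build_query(name)
    headers = {
        "Content-Type": DOH_MEDIA_TYPE,
        "Accept": DOH_MEDIA_TYPE,
        "Content-Length": str(len(body)),
    }
    return server, headers, body


def doh_get_url(server, name):
    """GET form: the DNS message is base64url-encoded, unpadded, in ?dns=."""
    _require_https(server)
    encoded = base64.urlsafe_b64encode(build_query(name)).rstrip(b"=")
    return f"{server}?dns={encoded.decode('ascii')}"


if __name__ == "__main__":
    print(doh_get_url("https://dns.google/dns-query", "www.example.com"))
```

Because the whole request, including the name being looked up, travels inside the TLS session, a network observer sees only a connection to the DoH server rather than the individual lookups.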
Block ISP tracking
While the whole thing is still under testing, you can already use it in the Firefox browser. The browser offers both the encryption technology and an encrypted DNS service provider. Mozilla has signed an agreement with Cloudflare under which Cloudflare purges any data it collects and does not provide it to any other parties. Mozilla is close to signing on additional DNS providers under the same terms.
1] Steps to enable DNS over HTTPS in Firefox
- Open Firefox and click on the hamburger menu or the three horizontal lines icon in the upper right corner of the browser.
- Click Options to open the settings window.
- Scroll to the bottom to find Network Settings, then click on the Settings button.
- It will open the Connection settings popup window.
- At the bottom, check the box next to “Enable DNS over HTTPS.”
As of now, the only provider available is Cloudflare. It is the default provider, but as more options show up, you should be able to change it.
2] Enable DNS over HTTPS for Chrome
If you want to enable DoH on any browser using Cloudflare or any of the listed DNS over HTTPS public servers, you will need to launch the browser with extra parameters. When the browser is launched with those parameters, all queries are encrypted first. Here is how you can do it on Chrome.
Find or create a Chrome Shortcut. You should use this shortcut every time you want to use DoH.
Now, right-click on the Chrome shortcut and select Properties.
In the Shortcut tab, under Target, add the following text at the end:
--enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2F18.104.22.168%2Fdns-query/method/POST"
Click on Save, and launch Chrome again using the same shortcut. It will prompt for admin permission before making any changes.
Head over to the Cloudflare checker to find out whether you are using DNS over HTTPS.
If you want to use some other DoH server, there is more here. So, for example, if you want to use Google DoH, then the query URL should be https://dns.google/dns-query. The text you need to add to the Chrome shortcut should be:
--enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2Fdns.google%2Fdns-query/method/POST"
3] Enable DNS over HTTPS for Microsoft Edge (Work In Progress)
That said, the same settings don’t work on Edge even though it is using Chromium. So Edge users will have to wait until Microsoft integrates it into their browser. However, if you are ready to experiment, you can enable an experimental flag: Secure DNS lookups.
- Launch Edge, and type edge://flags
- Search for Secure DNS lookups
- Enable the flag and restart the browser.
Here is the description for Secure DNS lookups: Enables DNS over HTTPS. When this feature is enabled, your browser may try to use a secure HTTPS connection to look up the addresses of websites and other web resources. – Mac, Windows.
While it should enable, I am not sure how exactly it is working. I would suggest that you be aware of the fact that it is coming to Edge, but more details will be available only when it comes to the final or the beta version.
4] Set up DNS over HTTPS on Android or iPhone
Most mobile operating systems let you edit DNS settings. Since you need to use Cloudflare, the easy way is to install the Cloudflare app on your smartphone. A simple switch will make sure your phone starts using DNS.
Download the app from 22.214.171.124, and toggle the switch on to start using encrypted DNS. Once that is done, anything that accesses the internet will use the DNS over HTTPS service. All your traffic will be encrypted, making you secure from snoopers and hackers.