DNS over HTTPS (DoH) - Encrypting DNS Queries
About 2 min read
DNS over HTTPS (DoH) is a technology that encrypts DNS queries, which were traditionally sent and received in plaintext, using the HTTPS protocol. It protects privacy by preventing ISPs and network administrators from intercepting or tampering with the sites a user visits. Standardized as RFC 8484 in 2018, its adoption accelerated when Firefox began supporting it that same year. As of 2025, nearly all major browsers support DoH, and OS-level DoH support is progressing on Windows 11 and macOS as well.
Real-World Use Cases
"We discovered an issue where browsers with DoH enabled on our corporate network were bypassing DNS filtering. We are using group policy to block access to external DoH resolvers and switching to a configuration that provides DoH through our internal DNS servers."
DoH Flow
Historical Background
Traditional DNS was not designed with encryption in mind from its inception in 1983, and query contents flowed across networks in plaintext. This made DNS spoofing and the collection of browsing history by ISPs technically easy. In 2018, Mozilla implemented DoH in Firefox, and in 2020 Google Chrome and Microsoft Edge also added support. Today, Cloudflare (1.1.1.1), Google (8.8.8.8), and Quad9 (9.9.9.9) provide major DoH resolvers.introductory books on DNS security (Amazon) offer systematic learning.
Benefits and Challenges
The greatest benefit of DoH is preventing the eavesdropping and tampering of DNS queries and improving privacy. On the other hand, for corporate security administrators, there is a risk that DNS filtering on the internal network can be bypassed. Cases have also been reported in which malware uses DoH to conceal C2 communication. In corporate environments, it is recommended to provide DoH through internal DNS servers while blocking access to external DoH resolvers. Protect the DNS configuration admin panel with a strong random password and strengthen your DNS security comprehensively.books on network privacy (Amazon) are also helpful references.
Was this article helpful?