Firefox DNS over HTTPS Configuration

Secure your browsing with encrypted HTTPS connections

Back to Knowledge Base

Quick Configuration Endpoints

DNS over HTTPS

https://xyz01-srv.unrulycitizen.com/dns-query

DNS over TLS

xyz01-srv.unrulycitizen.com

Firefox DoH Configuration Methods

Method 1: Built-in Settings (Firefox 62+)

1
Open Firefox Settings

Click the menu button (☰) → "Settings" or "Preferences"

2
Navigate to Network Settings

Scroll down and click "General" → Scroll to "Network Settings" → Click "Settings"

3
Enable DNS over HTTPS

Check the box "Enable DNS over HTTPS"

4
Configure Custom Provider

Select "Custom" from the provider dropdown and enter:

https://xyz01-srv.unrulycitizen.com/dns-query
5
Apply Settings

Click "OK" to save and close the network settings dialog

6
Verify Configuration

Restart Firefox and visit about:networking#dns to verify DoH is active

Method 2: Advanced about:config Configuration

For granular control and additional settings, use Firefox's advanced configuration:

# Open about:config in Firefox address bar about:config # Accept the risk warning if prompted # Set these preferences: network.trr.mode = 3 network.trr.uri = "https://xyz01-srv.unrulycitizen.com/dns-query" network.trr.bootstrapAddress = "140.82.41.243" network.trr.wait-for-port-timeout = 3000 network.trr.request-timeout = 5000 network.trr.early-https = true # Optional: Disable fallback to system DNS network.trr.disable-ECS = false network.trr.use-get = true

TRR Mode Explanation:
0 = Off, 1 = Reserved, 2 = Shadow mode, 3 = TRR-first, 4 = TRR-only, 5 = TRR-disabled

Method 3: User.js Configuration (Enterprise/Bulk)

Create a user.js file for automated deployment across multiple Firefox installations:

// user.js - Firefox DoH Configuration user_pref("network.trr.mode", 3); user_pref("network.trr.uri", "https://xyz01-srv.unrulycitizen.com/dns-query"); user_pref("network.trr.bootstrapAddress", "140.82.41.243"); user_pref("network.trr.wait-for-port-timeout", 3000); user_pref("network.trr.request-timeout", 5000); user_pref("network.trr.early-https", true); user_pref("network.security.esni.enabled", true); user_pref("doh-rollout.disable-heuristics", true); user_pref("doh-rollout.mode", 2); // Optional: Enhanced privacy settings user_pref("privacy.resistFingerprinting", true); user_pref("privacy.trackingprotection.enabled", true); user_pref("privacy.trackingprotection.socialtracking.enabled", true);

Save as user.js in Firefox profile directory for automatic configuration

Method 4: Command Line & Policies

Configure Firefox via command line arguments or enterprise policies:

Command Line Launch
# Launch Firefox with DoH enabled firefox --setpref="network.trr.mode=3" \ --setpref="network.trr.uri=https://xyz01-srv.unrulycitizen.com/dns-query" \ --setpref="network.trr.bootstrapAddress=140.82.41.243" # Windows Command Line "C:\Program Files\Mozilla Firefox\firefox.exe" --setpref="network.trr.mode=3" --setpref="network.trr.uri=https://xyz01-srv.unrulycitizen.com/dns-query"
Enterprise Policies (policies.json)
{ "policies": { "DNSOverHTTPS": { "Enabled": true, "ProviderURL": "https://xyz01-srv.unrulycitizen.com/dns-query", "Locked": true }, "NetworkSettings": { "DNSOverHTTPSEnabled": true, "DNSOverHTTPSProviderURL": "https://xyz01-srv.unrulycitizen.com/dns-query" } } }

Save as policies.json in Firefox distribution directory

TRR Mode Reference

Mode 0: Off

DoH completely disabled. Uses system DNS resolver.

Mode 2: Shadow Mode

Uses both DoH and system DNS, compares results for testing.

Mode 3: TRR-First

Recommended: Uses DoH first, falls back to system DNS if needed.

Mode 4: TRR-Only

Uses only DoH. No fallback. May break on network issues.

Verification

To verify DoH is working in Firefox:

Check DoH Status

# Open these pages in Firefox to verify configuration: # Check DoH status: about:networking#dns # Detailed TRR information: about:networking#trr # Network connections and DNS: about:networking # Test with DNS leak test: https://dnsleaktest.com # Check if DoH is working: https://cloudflare.com/cdn-cgi/trace

Test DoH Connection

# Open Browser Console (F12) and test: // Check TRR status Services.prefs.getCharPref("network.trr.uri") // Force TRR refresh Services.obs.notifyObservers(null, "network:trr-config-changed") // Monitor network requests in Network tab // Look for requests to your DoH endpoint # Alternative: Use Firefox Developer Tools # 1. Press F12 → Network tab # 2. Filter by "dns-query" # 3. Look for requests to xyz01-srv.unrulycitizen.com

Troubleshooting

DoH not working?

  • Ensure Firefox version 62 or later
  • Check if enterprise policies are overriding settings
  • Verify the DoH endpoint URL is correct
  • Try disabling VPN or proxy temporarily
  • Check for parental controls or content filters
  • Restart Firefox after configuration changes

Common Firefox Issues

  • Enterprise policies: May block custom DoH providers
  • Extensions: Some privacy extensions may conflict
  • Corporate networks: May block external DoH endpoints
  • Certificate issues: Ensure system clock is correct
  • DNS blocking: Some networks block port 853/443 for DNS
  • Fallback issues: Mode 3 should fallback gracefully

Enhanced Firefox Privacy

Recommended Privacy Settings

Combine DoH with these Firefox privacy settings for maximum protection:

// about:config privacy enhancements user_pref("privacy.trackingprotection.enabled", true); user_pref("privacy.trackingprotection.socialtracking.enabled", true); user_pref("privacy.resistFingerprinting", true); user_pref("privacy.donottrackheader.enabled", true); user_pref("network.http.referer.trimmingPolicy", 2); user_pref("network.http.referer.XOriginTrimmingPolicy", 2); user_pref("browser.send_pings", false); user_pref("browser.urlbar.speculativeConnect.enabled", false); user_pref("dom.webnotifications.enabled", false); user_pref("media.autoplay.default", 5); // Enhanced security user_pref("dom.security.https_only_mode", true); user_pref("dom.security.https_only_mode_ever_enabled", true); user_pref("network.dns.disablePrefetch", true); user_pref("network.predictor.enabled", false);

Need More Help?

Join our community forums for personalized assistance and support

Join Community Forums Back to Knowledge Base