Regular DNS queries travel over UDP in plaintext — your ISP can see every site you visit. DNS-over-HTTPS (DoH) encrypts this traffic through HTTPS.
Public DoH Servers
| Provider | URL | Logging |
|---|---|---|
| Cloudflare | https://1.1.1.1/dns-query | No logs |
| https://dns.google/dns-query | 48-hour logs | |
| Quad9 | https://dns.quad9.net/dns-query | No logs, blocks malware |
Enable DoH in Firefox
- Settings → Privacy & Security
- Scroll to DNS over HTTPS
- Enable → select Cloudflare or NextDNS
💡 Best choice for privacy: Use Cloudflare 1.1.1.1 (commits to not selling data) or Quad9 (automatically blocks malicious domains).