If Firefox allows to change the DNS, I don't think it's big issue. We can just change it to Pi-Hole address. Or like Rob suggest turn the feature off.
It would allow you to move it to another DNS over HTTPS server, but not to a DNS server like Pi-hole or Unbound that did not have an HTTPS front end designed for it. But from what I have heard and from my contacts it may not be an easy flag to disable. I raised a concern about Active Directory and other forced DNS locations that require a specific, non-HTTPS resolver and the response was to deploy the Firefox LTS and not use the mainline release.
That sucks! I prefer Firefox.
I agree and I've been hit with this. Do we know how to point it to pi-hole or turn it off?
actually I found where you can turn it off
tools, options, general, network settings, settings, uncheck Enable DNS over HTTPS
If this is the same feature I mentioned here, the solution is:
‘network.trr.mode=5’, using ‘about:config’
@R_V could you please check if disabeling it, using the gui, has the same effect?
I am running Firefox V62 (64bit) and I don't see any issues yet. And don't see the flag mentioned in settings to disable it!
What version do you have installed?
I couldn't find network.trr.mode when I searched previously. I see it now and it is set to 0.
so my unchecking "tools, options, general, network settings, settings, uncheck Enable DNS over HTTPS" may have added it.
I can confirm that unchecking tools, options, general, network settings, settings, uncheck Enable DNS over HTTPS works.
For the life of me I could not figure out what was going on. I was checking my host file, I was running ipconfig /flush and /all and couldn't find the problem. On a lark I tried ie and chrome. Both used the pi-hole. When I'd us Firefox nightly I was seeing very little activity on the pi-hole when watching the pihole -t output. The other browser showed a lot of activity. That's when I found this and other threads.
A post was merged into an existing topic: [FYI] Google / Chrome: "Experimenting with same-provider DNS-over-HTTPS upgrade"
Sorry to necro this thread, but this "feature" was officially released today and there is an option in the settings to add your own DNS entry. Should we just add our Pi-hole address into that?
No.
Pi-hole doesnt do DoH.
Only Do53:
pi@noads:~ $ sudo netstat -nltup | grep 'Proto\|pihole-FTL'
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 18952/pihole-FTL
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 18952/pihole-FTL
tcp6 0 0 :::53 :::* LISTEN 18952/pihole-FTL
tcp6 0 0 ::1:4711 :::* LISTEN 18952/pihole-FTL
udp 0 0 0.0.0.0:53 0.0.0.0:* 18952/pihole-FTL
udp 0 0 0.0.0.0:67 0.0.0.0:* 18952/pihole-FTL
udp6 0 0 :::53 :::* 18952/pihole-FTL
- 4711 is the Pi-hole API and 67 is DHCP
Thanks for the pointer!
Ah, okay. So we should just turn this feature off like the rest of the thread said months ago?
It wasnt on in the first place for me ???
Right, it wasn't on for me either after the latest update but I was mostly asking if it's recommended to just keep it off since it doesn't work with Pi-hole anyway.
Logic says yes
Haha, thank you!
Firefox DoH opt-out mode is being rolled out for just the United States. We hate ourselves here.
Wow amazing.
Makes you wonder who/what decides.
EDIT: just checked Debian laptop and is same.
You have to opt-in.