Doubt with DNS-Over-HTTPS

Hello everybody!! :grinning:
I've read some threads in the forum about DNS-Over-HTTPS, and I've a doubt. When it's configured, does the Pi-hole still log the queries likewise?

I apologize for my English, it's not my language.

Best regards and thank you very much!! :grinning:

You have to verify that your browsers do not enable DoH.

DNS employs port 53, while DNS-over-HTTPS (DoH) makes use of the HTTPS port 443.
As any DNS resolver, Pi-hole is listening on port 53.

Consequently, a browser requesting domain resolution via DoH will by-pass Pi-hole.

Mozilla based browsers like Firefox can query a canary domain to determine whether they should use DoH, unless they are manually configured to enforce DoH.

By default, Pi-hole will signal such a browser to not enable DoH by answering requests for the canary domain with NXDOMAIN.

1 Like

Ok, if I understand correctly, in addition to configure the DoH on the Pi-hole, I have to disable this feature in my web browsers.

Thank you very much and best regards!! :grinning:

There is no DoH configuration in Pi-hole, only the Mozilla canary domain option.

1 Like

Hello!! :grinning:
Yes, I know this, for configuring DoH I understand that I must follow the documentation.

1000000 thanks for your help and very best regards!! :grinning:

1 Like

A post was split to a new topic: Should port 5053 be allowed when using cloudflared as upstream for Pi-hole?

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.