Remove specific domains from Firefox DNS over HTTPS
While it is not recommended, Firefox does offer a way to add particular domains so they can bypass DNS over HTTPS. However, you need to add those domains using Firefox configuration manually.
Type about:config in the address bar and press Enter.Accept the warning page messageSearch for network.trr.excluded-domains.Click the Edit button next to the preference.Add domains, separated by commas, to the listClick on the checkmark to save the change.
If you find the list already has some websites, we suggest not to remove anything from there.
When should you add domains to the exception list?
While DoH improves privacy by keeping ISP and someone on Public WiFi, it is possible that websites may not work for you when tried over DoH. On top of that, it can be crucial for networks that use Custom DNS.
An organization with in-house Policies for DNS
The default feature offered by Firefox is excellent for a general consumer. However, it may not be great for organizations. Many rely on DNS to block malware, enable parental controls, or filter your browser’s access to websites. DoH bypasses all of these, and hence not useful. Also, there are some websites which only resolve when you are connected to a company network. Firefox offers a solution— Canary domain. Firefox will attempt to resolve this domain using the DNS server(s) configured in the operating system of the device. If it comes out negative, it will be a signal to disable application DNS, i.e., DoH.
If DoH results in a slower DNS resolution
DoH can be more time-consuming, and if it’s happening for you often, and for a particular website, you can choose to add them to the exception list.
Cloudflare as DoH
In the US, Firefox is using Cloudflare as DNS. Now any DNS resolver can see the query, but Firefox and Cloudflare are in agreement that forbids Cloudflare or any other DoH partner from collecting personal identifying information. If you are not comfortable with it, you have two options.
Replace Cloudflare with any other DNS you trustYou can Opt-out by unchecking it entirely or from the notification you receive if and when DoH is first enabled
Firefox also recommends US users disable Firefox study (about:studies) which collects data to improve user experience. You may also disable Firefox Data Collection available under Privacy and Security panel. We hope the post was useful, and you were able to remove specific domains from Firefox DNS over HTTPS.
