Mozilla recently started rolling out DNS over HTTPS (DoH) for Firefox to make sure that DNS resolution is also secure. While there is more to it, in this post, we will show how you can remove specific domains from Firefox DNS over HTTPS. Firefox offers extensive configuration for DoH, especially for organizations that rely on their own DNS.
Remove specific domains from Firefox DNS over HTTPS
While it is not recommended, Firefox does offer a way to add particular domains so they can bypass DNS over HTTPS. However, you need to add those domains manually through the Firefox configuration.
- Type about:config in the address bar and press Enter.
- Accept the warning page message.
- Search for network.trr.excluded-domains.
- Click the Edit button next to the preference.
- Add domains, separated by commas, to the list.
- Click on the checkmark to save the change.
If you find that the list already contains some websites, we suggest not removing anything from it.
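The steps above can also be prepared outside the browser. The following is an added example, not Firefox's own code: it merges new domains into the current preference value without dropping what is already there, and writes the result as a `user_pref` line for a `user.js` file in the profile. The helper names and sample domains are constructed, and the subdomain matching in `bypassesDoH` is an assumption about how entries are applied.

```javascript
// Added example: helper names and sample domains are constructed.
const PREF = "network.trr.excluded-domains";

// Lowercase, trim, drop a trailing dot, and reject anything that is not a
// bare hostname (URLs, wildcards, paths); the pref takes plain domains.
function normalizeDomain(entry) {
  const d = entry.trim().toLowerCase().replace(/\.$/, "");
  const label = /^[a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?$/;
  if (!d || d.length > 253 || !d.split(".").every((l) => label.test(l))) {
    throw new Error(`not a bare domain name: "${entry}"`);
  }
  return d;
}

// Merge additions into the current pref value. Existing entries are kept
// as they are and stay first; duplicates among the additions are dropped.
function mergeExcluded(currentValue, additions) {
  const merged = new Set(
    currentValue.split(",").map((s) => s.trim()).filter(Boolean)
  );
  for (const a of additions) merged.add(normalizeDomain(a));
  return [...merged].join(",");
}

// Assumption: an entry covers the domain itself and its subdomains, matched
// on label boundaries ("corp.example" covers "wiki.corp.example" but not
// "notcorp.example"). Every covered name leaves DoH and is resolved by the
// operating system's resolver, so keep entries as narrow as possible.
function bypassesDoH(hostname, prefValue) {
  const host = normalizeDomain(hostname);
  return prefValue.split(",")
    .map((s) => s.trim().toLowerCase())
    .filter(Boolean)
    .some((d) => host === d || host.endsWith("." + d));
}

// One line for a user.js file in the Firefox profile directory.
function userJsLine(prefValue) {
  return `user_pref(${JSON.stringify(PREF)}, ${JSON.stringify(prefValue)});`;
}

// Constructed sample: one entry already present, two internal zones added.
const current = "printer.lan";
const value = mergeExcluded(current, ["Corp.Example.", " intranet.example ", "printer.lan"]);
console.log(userJsLine(value));
```

A value set through `user.js` is reapplied on every start, so later edits to the same preference in about:config will not persist.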
When should you add domains to the exception list?
While DoH improves privacy by keeping your ISP and anyone on the same public Wi-Fi from seeing your DNS queries, it is possible that some websites may not work for you when resolved over DoH. On top of that, the exception list can be crucial for networks that use custom DNS.
An organization with in-house policies for DNS
The default feature offered by Firefox is excellent for a general consumer. However, it may not be great for organizations. Many rely on DNS to block malware, enable parental controls, or filter your browser’s website access. DoH bypasses all of these controls, and hence, it is not useful in such environments. Also, some websites only resolve when you are connected to a company network.
Firefox offers a solution: the canary domain. Firefox will attempt to resolve this domain using the DNS server(s) configured in the device’s operating system. If the result is negative, Firefox treats it as a signal to disable application DNS, i.e., DoH.
If DoH results in a slower DNS resolution
DoH can be more time-consuming. If that happens to you often with a particular website, you can add it to the exception list.
Cloudflare as DoH
In the US, Firefox uses Cloudflare as its DNS. Now, any DNS resolver can see the query, but Firefox and Cloudflare have an agreement that forbids Cloudflare or any other DoH partner from collecting personally identifying information. If you are not comfortable with it, you have two options.
- Replace Cloudflare with any other DNS you trust.
- Opt out by unchecking it entirely, or from the notification you receive if and when DoH is first enabled.
Firefox also recommends that US users disable Firefox studies (about:studies), which collect data to improve the user experience. You may also disable Firefox Data Collection, which is available under the Privacy and Security panel.
We hope the post was useful and that you can remove specific domains from Firefox DNS over HTTPS.