If you are using Firefox there are some settings in Firefox you can change and it will allow you to access the site (and other blocked ones...)
Configure DNS Over HTTPS in Firefox using Cloudflare
Update Firefox to the latest versionthen, go to Firefox Options > General > Network Settings and check the box "Enable DNS over HTTPS". This will automatically throw two switches in about:config.
In Firefox "Address bar" type: about:config Press Enter and click on "I accept the risk!" which will allow you to configure Firefox properly.
you will be searching for and double clicking to change, "network.trr.mode" "network.trr.uri" "network.trr.bootstrapAddress" "esni.enabled"
network.trr.mode = 2
network.trr.uri = https://mozilla.cloudflare-dns.com/dns-query
Next, in about:config, set network.trr.bootstrapAddress to 1.1.1.1 *note
Finally, set network.security.esni.enabled = true
Hard refresh your browser after the changes. CTRL + F5 to Hard Refresh.
That's it! You should be able to browse the sites you used to be able to.
*note
?Optional - Don't worry about DNSSEC, Make sure you pass "Secure DNS" and "Encrypted SNI".
If you want to pass DNSSEC as well you will need to change your DNS settings, preferably in your router to use 1.1.1.1
Check your work by running all four tests at https://www.cloudflare.com/ssl/encrypted-sni/
network.trr.mode values:
0: Off by default
1: Firefox will choose based on which is faster
2: TRR preferred, fall back to DNS on failure
3: TRR only, no DNS fallback
5: TRR completely disabled
==========
Firefox provides an optional resolver mechanism using a dedicated DNS-over-HTTPS server.
https://wiki.mozilla.org/Trusted_Recursive_Resolver
Setting DNS-over-HTTPS in Firefox
Set `network.trr.mode` to 2 to make DNS Over HTTPS the browser's first choice but use regular DNS as a fallback (0 is "off by default", 1 lets Firefox pick whichever is faster, 3 for TRR only mode, 5 to explicitly turn it off).
Set `network.trr.uri`. Ones that you may use: https://mozilla.cloudflare-dns.com/dns-query (Privacy Policy), https://dns.google.com/experimental
TRR is preffed OFF by default and you need to set a URI for an available DOH server to be able to use it. Since the URI for DOH is set with a name itself, it may have to use the native resolver for bootstrapping. (Optionally, the user can set the IP address of the DOH server in a pref to avoid the required initial native resolve.)
All prefs for TRR are under the "network.trr" hierarchy.
==========
DNS
Every website lives at a numerical IP address. Your Domain Name Server, or DNS, translates these numerical IP addresses into readable domain names we all know and remember. If your DNS settings are not working correctly, or you’re still using defaults, you may be at risk for cybercrime and performance issues. Quad9 is a free security solution that uses DNS to protect your system against the most common cyber threats. It improves your system’s performance, plus, it preserves and protects your privacy. It’s like an immunization for your computer.
Also check out https://www.quad9.net/
DNS is 9.9.9.9
DNS Privacy Clients
Desktop
Cloudflare have release two tools to provide DOH clients, see https://developers.cloudflare.com/1.1.1.1/dns-over-https/cloudflared-proxy/
Frank Denis has a dnscrypt-proxy (client proxy) that supports DoH.
Curl also supports DoH https://github.com/curl/doh
Mobile
There is an Android App called 'Intra' which can be used to send all queries from the device over DOH to either Cloudflare or Google
Comments
Post a Comment