What is DNS over HTTPS?


DNS over HTTPS (DoH) is a security protocol that encrypts Domain Name System (DNS) queries and responses by sending them over the HTTPS protocol. Unlike traditional DNS, which sends DNS requests in plaintext and is vulnerable to eavesdropping, DNS spoofing, and interception, DoH uses HTTPS encryption (SSL/TLS) to protect DNS traffic. This prevents third parties such as Internet Service Providers (ISPs), hackers, or government agencies from spying on or tampering with the DNS queries, thereby enhancing user privacy and security.

DoH also operates over the standard HTTPS port 443, blending DNS queries with regular web traffic, making it harder to block or censor DNS requests.

DNS over HTTPS offers several advantages:

  • Encrypts DNS queries to prevent surveillance and tampering.
  • Protects against attacks like DNS spoofing and man-in-the-middle attacks.
  • Shields browsing habits from ISPs and attackers.
  • Can bypass network censorship or DNS filtering.
  • Supported by modern browsers (Firefox, Chrome, Edge, Safari) and operating systems (Windows, macOS, Linux, Android, iOS).

DoH must be configured to use a DNS resolver that supports the protocol, but it is increasingly integrated into current technologies because of its privacy and security benefits.