DoH
DNS over HTTPS: encrypts DNS queries inside HTTPS requests so that ISPs and on-path observers cannot see or tamper with them.
DoH (DNS over HTTPS) tunnels DNS queries through normal HTTPS to a resolver endpoint, typically on port 443. Because the traffic looks like any other web request, it is hard to block selectively and impossible to read without breaking TLS. Browsers like Firefox and Chrome support DoH directly, often defaulting to Cloudflare (1.1.1.1) or NextDNS. DoH defeats classic on-path attacks like DNS hijacking by hotel Wi-Fi or ISP injection, but it also moves a great deal of DNS visibility from the network operator to whichever provider runs the DoH endpoint.
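To make the tunnelling and the visibility shift concrete, the following added example (not code from this page) builds the RFC 8484 GET form of a DoH request and decodes one back to the queried name, which is what the DoH provider, or a TLS-inspecting proxy, can recover from the URL. The endpoint `https://doh.example/dns-query` is a constructed placeholder, and the function names are illustrative.

```python
import base64
import struct
from urllib.parse import urlsplit, parse_qs

def build_query(name, qtype=1):
    """DNS query in RFC 1035 wire format; ID 0, as RFC 8484 suggests for caching."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD set, one question
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # qtype, class IN

def doh_get_url(endpoint, name, qtype=1):
    """RFC 8484 GET form: base64url of the wire message with padding stripped."""
    b64 = base64.urlsafe_b64encode(build_query(name, qtype)).rstrip(b"=").decode()
    return f"{endpoint}?dns={b64}"

def decode_doh_url(url):
    """Return (qname, qtype) carried in a DoH GET URL, or None if it is not one."""
    params = parse_qs(urlsplit(url).query)
    if "dns" not in params:
        return None
    b64 = params["dns"][0]
    try:
        msg = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
        if struct.unpack("!H", msg[4:6])[0] < 1:  # QDCOUNT
            return None
        labels, pos = [], 12  # question starts after the 12-byte header
        while msg[pos] != 0:
            length = msg[pos]
            if length > 63:  # compression pointer or junk: not a plain question
                return None
            labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
            pos += 1 + length
        qtype, _qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    except (ValueError, IndexError, struct.error):
        return None
    return ".".join(labels), qtype

if __name__ == "__main__":
    # Constructed sample: doh.example is a placeholder endpoint, not a real resolver.
    url = doh_get_url("https://doh.example/dns-query", "www.example.com")
    print(url)
    print(decode_doh_url(url))
```

Only the GET form is handled; a DoH POST carries the same wire-format message in the request body with content type `application/dns-message`.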
Referenced on
- Complete Guide to DNS Attacks and DNS Security (Prevention, Testing & Mitigation)
- DNS Hijacking Explained: How Attackers Take Control of Your Domain's Resolution
- DNS Over HTTPS Abuse: How Encrypted DNS Creates Security Blind Spots
- DNS Tunneling Attack: How Data Is Smuggled Through Port 53
- DNSSEC Downgrade Attack: How Attackers Strip Cryptographic Protection from DNS
- Fast Flux DNS: How Botnets Hide Behind Rapidly Rotating IP Addresses
- How DNS Queries Work: A Developer's Guide to the DNS Protocol
- What Is DNSSEC and Why Should You Enable It?
- What Is NXDOMAIN? Understanding the 'Domain Does Not Exist' DNS Response