Menu
What's new
By:
Filters Better Search

Disabling Firefox's automatic switch to DoH

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

psotconf will work, however make sure you enable custom script/config supports on the System page.

Also check the System Log, it should confirm that it detects and processes your postconf. If not, then double check the filename and location.
 
tiko said:
I tried the first post config on an AC87U and it does not work.

I activated the option (Prevent Firefox DoH in WAN Setting) on an AC68U and it does work, but as AC87U has not reached the 384.14 it does not have that option.

Has any one have an idea for it to work? Basically we are trying to prevent employees from NSFW content at the office to avoid a future lawsuit, and they are now using this option (small office of 6 people only)
Click to expand...
This setting will only prevent the automatic switch to DoH, but won’t prevent a deliberate switch by the Firefox user. See:
https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
 
tiko said:
I tried the first post config on an AC87U and it does not work.

I activated the option (Prevent Firefox DoH in WAN Setting) on an AC68U and it does work, but as AC87U has not reached the 384.14 it does not have that option.

Has any one have an idea for it to work? Basically we are trying to prevent employees from NSFW content at the office to avoid a future lawsuit, and they are now using this option (small office of 6 people only)
Click to expand...

Are they allowed to use their own devices? Or are they supplied with the devices they need to perform their jobs?

Either not allow them to connect with 'foreign' devices to the work network or lock down the supplied devices so that they can't change any pertinent settings that allow them this bypass ability.
 
RMerlin said:
psotconf will work, however make sure you enable custom script/config supports on the System page.

Also check the System Log, it should confirm that it detects and processes your postconf. If not, then double check the filename and location.
Click to expand...
It worked now, I forgot to CHmod the file and hell was risen on router
L&LD said:
Are they allowed to use their own devices? Or are they supplied with the devices they need to perform their jobs?

Either not allow them to connect with 'foreign' devices to the work network or lock down the supplied devices so that they can't change any pertinent settings that allow them this bypass ability.
Click to expand...
The problem here is that laptops are changed every week or so, because they are rented. Software to control the users is not possible to use it.

Any way, even if we used Radius on the network with certificates on both ends, users still can use firefox and enable this option on the pcs we provide, so it is not possible to do as you say.
 
@tiko, rented laptops? Cheaper to buy refurbished and install Microsoft 365 with full control on them, no?
 
L&LD said:
@tiko, rented laptops? Cheaper to buy refurbished and install Microsoft 365 with full control on them, no?
Click to expand...
Hello, yes, don't want to go full off topic but is a small business where we are editing political advertising. So, it is better to rent some MacBook Pro's with all the licenses included than to buy them, because this lasts for only 3 months and every designer goes back to his/her own job. Sounds crazy but in this times we have to look for new ways to make money.

Cheers!
 
schnappi said:
Why use:
server=/use-application-dns.net/
instead of:
address=/use-application-dns.net. /0.0.0.0
Click to expand...

I think there's a typo in the second statement:
Code: 
address=/use-application-dns.net. /0.0.0.0
                                ^^

Did you really mean address=/use-application-dns.net/0.0.0.0 or actually address=/use-application-dns.net/?

The first returns 0.0.0.0 and the second returns NXDOMAIN. A reply of of 0.0.0.0 will not disable DoH. https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet

See post #7.
From the dnsmasq man page:
As for --server, one or more domains with no address returns a no-such-domain answer, so --address=/example.com/ is equivalent to --server=/example.com/ and returns NXDOMAIN for example.com and all its subdomains.
Click to expand...
 
Last edited:
You must log in or register to reply here.

Similar threads

R
Would any of this make my browsing more secure? (WAN DNS settings)
2
Replies
20
Views
1K
aru
aru
D
Solved Windows 11 updates won't download attempted disabling router settings.
Replies
18
Views
1K
DJones
D
J
Solved OpenVPN clients can't resolve custom domains defined in dnsmasq config
Replies
2
Views
611
jkbach
J
N
Solved Unable to connect to VPN server with self-signed certificate
Replies
0
Views
407
nino_070
N
pianopete
Solved How to redirect my local domain to an externally hosted web server
Replies
1
Views
370
ColinTaylor
C
Similar threads
Thread starter Title Forum Replies Date
A Disabling FC and running speedtest Asuswrt-Merlin 9
D Solved Windows 11 updates won't download attempted disabling router settings. Asuswrt-Merlin 18
M Disabling USB 3.0 on an AiMesh child ? Asuswrt-Merlin 6
warlock Problem when disabling advertise router Asuswrt-Merlin 1
N [Bug][Firefox] Cannot see text typed into login fields Asuswrt-Merlin 3
U Where to start with automatic scripting for AsusWRT-Merlin Asuswrt-Merlin 11
C VPN Client KillSwitch/Automatic Start at Boot Failures Asuswrt-Merlin 3
L Mtu change doesnt work on 386.11 via connection automatic ip. Asuswrt-Merlin 4
BlueOrbit Merlin - automatic firmware update possible? Asuswrt-Merlin 45
TheLyppardMan How accurate are the automatic speed/quality tests? Asuswrt-Merlin 6

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,143 (members: 37, guests: 1,106)
Top