What's new

Settings Prevent client auto DoH

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Unetwork

Senior Member
Hi, can you explain the difference between "AUTO" and "YES" modes for the "Prevent client auto DoH" function.
I always left it on "YES" but never really understood if it was right.
I want all firefox browsers on my network to exclusively use my ASUS router's custom DNS and DNS privacy protocol (DoT)
Are my settings correct on "YES" ?
Thank you in advance for your advice.
 
Last edited:
Click on the "Prevent auto DoH" label to see an explanation.
 
Thank you for your answer. I have already consulted the information bubble but it is still not clear to me.
Does "YES" prevent any device on the LAN doing DoH, so includes "AUTO" but also any manually attempts ?
I specified that I only want to use the DoT protocol, so I guess "YES" is correct which will ban DoH from the local network ?
 
Last edited:
That option does not prevent using DoH. It only prevents the use of the automatic DoH upgrade supported by, Firefox, for example.

Blocking or intercepting DoH is pretty difficult because it was specifically designed that way, to give network admins a headache (as it uses the same port as regular https traffic). Just one of the multiple reasons why I hate it and I prefer DoT...
 
Thanks for the additional information.
I will leave it on YES, from what I understand it makes more sense. Better safe than sorry...
Another point, with DoT enabled, is it necessary to also enable "DNS-Based Filtering" choice (Router) ?
I don't see a difference if I enable or disable this setting.
Sans titre 2.png
 
Another point, with DoT enabled, is it necessary to also enable "DNS-Based Filtering" choice (Router) ?
It will prevent devices with hardcoded DNS servers (like some Android apps who are harcoded to use 8.8.8.8) from bypassing the router for regular DNS requests.
 
Thank you for this information, everything is now clear to me.
Good evening to you and thanks again for your work !
 
~
I want all firefox browsers on my network to exclusively use my ASUS router's custom DNS and DNS privacy protocol (DoT)
~
Besides what's already been correctly posted in this thread, you can disable it within Firefox anyway, if you want:
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top