This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Does Firefox + Cloudflare DNS over HTTPS block queries to known malicious sites?

  • 1 reply
  • 1 has this problem
  • 25 views
  • Last reply by philipp

more options

Does Firefox + Cloudflare DNS over HTTPS block queries to known malicious sites like OpenDNS. I use OpenDNS at home to automatically block queries to known malicious sites. Using Firefox DoH bypasses this. Am I faced with privacy versus security or does Cloudflare service also prevent access to malicious sites? Thank you.

Does Firefox + Cloudflare DNS over HTTPS block queries to known malicious sites like OpenDNS. I use OpenDNS at home to automatically block queries to known malicious sites. Using Firefox DoH bypasses this. Am I faced with privacy versus security or does Cloudflare service also prevent access to malicious sites? Thank you.

Chosen solution

hi, no the dns over https providers that are integrated into firefox do not block or filter particular domains (other than required by law), which is laid out in this policy: https://wiki.mozilla.org/Security/DOH-resolver-policy

firefox would depend on google's safebrowsing lists to protect you from connecting to known malicious sites: How does built-in Phishing and Malware Protection work?

you can also configure firefox to use opendns as a trusted resolver though: https://support.opendns.com/hc/en-us/articles/360038086532-Using-DNS-over-HTTPS-DoH-with-OpenDNS

Read this answer in context 👍 1

All Replies (1)

more options

Chosen Solution

hi, no the dns over https providers that are integrated into firefox do not block or filter particular domains (other than required by law), which is laid out in this policy: https://wiki.mozilla.org/Security/DOH-resolver-policy

firefox would depend on google's safebrowsing lists to protect you from connecting to known malicious sites: How does built-in Phishing and Malware Protection work?

you can also configure firefox to use opendns as a trusted resolver though: https://support.opendns.com/hc/en-us/articles/360038086532-Using-DNS-over-HTTPS-DoH-with-OpenDNS