How to protect your web surfing using Firefox
, or prevent any Govt agencies from knowing what sites you visit (as long as the IP address of the site you're visiting is hosting multiple sites).
Start Firefox, and do these steps:
- Enter about:config in the URL/address bar and press enter.
- Enter network.security.esni.enabled in the search bar and set it to true by double clicking it.
- Enable Trusted Recursive Resolver by searching for network.trr.mode and set it to 2 (use DNS over HTTPS as first choice, but fallback tor regular DNS), or set it to 3 (to always use DNS over HTTPS)
- Enter network.trr.uri and use https://mozilla.cloudflare-dns.com/dns-query
- Enable TLS 1.3 by searching for tls.version.max and change the value to 4.
- Restart Firefox and visit https://www.cloudflare.com/ssl/encrypted-sni/ then click Check my browser. If you get ticks/checks on Secure DNS, TLS 1.3 and Encrypted SNI, your browsing is now very secure.
- How do you check this? Ping the site you're visiting from a command line, eg, ping sbf.net.nz
- Then from the same command line, run tracert or traceroute IPaddress, eg, tracert 220.127.116.11 or traceroute 18.104.22.168 and if the IP address is on a Content Distribution Network such as AWS, Cloudflare, etc, you're quite safe.
- You need to be using Firefox 67 or later. (Earlier versions might work, if they list all the items above when you search for them).