What are DNS for?
To talk about the DNS over HTTPS protocol, first of all we must know what are DNS and what are they for. We can say that they are servers in charge of translating Internet traffic when we put a domain name in the browser.
Let’s take as an example that we use Chrome to enter RedesZone. In the address bar we are going to put redeszone.net. What DNS servers do is link that domain name that we put with the corresponding IP address. In this way we will not have to memorize a series of numbers, which would be the IP, but simply know what the name of the site is.
What our team does, through the browser, is make a request to those DNS servers so that you can give us the corresponding address. This is a process that is carried out the first time, since from that moment it is stored in cache and speeds up the process. Of course, if we clear the DNS cache, the process will start again.
Generally we use the DNS servers that come predetermined with the Internet operator that we use. However we can change them. We can use, for example, the publics of Google or those of Cloudflare, which are some of the most used. There are many more, and using one option or another can even improve your Internet speed.
What is the DNS over HTTPS protocol
Once we know what DNS servers are for, we can explain how the protocol works DNS over HTTPS or DNS over HTTPS. This is closely linked to security and privacy, since what it does is encrypt that request. If we go back to the example we put before, our browser will make a request by putting redeszone.net or whatever domain name it is. That request will travel unencrypted.
In the early days, when the DNS protocol appeared, they did not focus so much on the Privacy. This is something that happened with most protocols that have been adapted over the years. For example FTP or HTTP itself. In both cases they were updated with more secure versions.
Thanks to DNS over HTTPS, that request will be encrypted. With DoH, as it is known for short, we are going to prevent a third party from spying on and registering those requests that we send. No one would know which directions we are trying to enter.
What it ultimately does is make that DNS request but using the encrypted HTTPS protocol. This will avoid certain problems, as we will see, in addition to helping to have a better connection.
Today the main browsers such as Chrome or Firefox use DNS over HTTPS as standard. This was one more step to achieve an improvement in security and privacy when browsing.
Why is DoH useful
So why is it really useful to use DNS over HTTPS? How does it come in handy for you when browsing? There are security and privacy reasons, as we will explain. It is a protocol that has come to stay, as HTTPS did at the time and today there are few pages that do not use it.
One of the main reasons why the DoH protocol is interesting is to improve privacy of the users. When we initiate a request in the browser, for example to enter RedesZone, in the mail, on social networks or wherever, that process will not be registered by a third party.
This is especially useful if we are going to surf from networks that are not secure or we do not want a third party, by some means, to be able to see what sites we are visiting. Thanks to this protocol, that request is sent fully encrypted.
Avoid DNS hijacking and other attacks
But security is also going to improve. A potential hacker could intercept that request and lead us to pages that have nothing to do with the one we hope to visit. It is what is known as DNS hijacking or DNS hijacking.
This can cause us to enter a website inadvertently and turn out to be a threat. For example, a DNS hijack could cause entering a legitimate news page to redirect us to another malicious site full of malware. We can even end up on a page created by a cybercriminal and pretending to be legitimate so that we can log in and steal passwords.
Using unencrypted DNS can make it easier to censorship. They could block certain requests so that we cannot enter a web page. This can happen if, for example, we are traveling in a country where viewing certain news pages is prohibited and the providers do not allow such requests.
By using DoH, those requests will be encrypted. They’re going to be hidden and they couldn’t really know which site we’re trying to get into. Therefore, using this protocol will also come in handy in order to, at least, complicate censorship on the network.
Another point to highlight is that thanks to the DoH protocol a performance improvement when resolving DNS requests. In tests carried out by Internet providers, the response time in many cases improves.
This is important in order to have a better Internet connection, more optimized, with less loading times of web pages.
In short, DNS over HTTPS is a protocol that is used to encrypt the DNS requests that we make on the Internet every time we visit any page. It is important for security and privacy, although it also has other advantages as we have seen.