Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Unable to disable DNS OVER HTTPS

  • 3 replies
  • 1 has this problem
  • 12 views
  • Paskiausią atsakymą parašė Mike Kaply

more options

Hi team ,

We are en enterprise with more than 50k devices , we want to disable "dns over https " for firefox .

I have tested , by applying a locala GPO which creates following registry , Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Enabled =0

referred https://github.com/mozilla/policy-templates/blob/master/README.md#DNSOverHTTPS

after apply"ting this local GPO , registry is created and on browser as welll , in about:policies , it shows this policy but when checking on s=browser settings "ENABLE DNS OVER HTTPS " is still enabled .

Please help , have tried a lot , it does not work and disabling this DOH is very important for us Many thanks

Hi team , We are en enterprise with more than 50k devices , we want to disable "dns over https " for firefox . I have tested , by applying a locala GPO which creates following registry , Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Enabled =0 referred https://github.com/mozilla/policy-templates/blob/master/README.md#DNSOverHTTPS after apply"ting this local GPO , registry is created and on browser as welll , in about:policies , it shows this policy but when checking on s=browser settings "ENABLE DNS OVER HTTPS " is still enabled . Please help , have tried a lot , it does not work and disabling this DOH is very important for us Many thanks

All Replies (3)

more options

The Enabled setting alone essentially acts like a default value. If the user already has DNS Over HTTPS enabled, the GPO isn't going to override that. It will only do so if you also have the Locked value set to enabled.

In that case, the DNS Over HTTPS will be disabled and the user will not be able to change that setting, which sounds like what you want to do anyway.

Hope this helps.

more options

Hi Wesley ,

Thanks for your response.

Have just tried locked policy as well , seems policy is again making registry changes and visible in about:policies and now good thing is when i foto settings in browser , there is an info button at the top which says " Your browser is being managed by your organization." but when checking for DNSOverHttps , it is still accessible and not in the locked state ?

Can u please suggest , where its gong wrong?

Note : I did this test on a fresh machine , installed Morzilla for the first time on this machine and did'nt enabled DNSOVERHTTPS , jyust applied local GPO to lock it .

more options

I just ran a quick check and it's working for me. I've attached a screenshot with my settings and what I'm seeing.

When you go to about:config, what is the value for network.trr.mode and is it locked (disabled)?