Mozilla is always bringing new security oriented concepts to their Firefox web browser. In the new version of Firefox, they have added Trusted Recursive Resolver (TRR) that allows Firefox to use DNS-over-HTTPS (DoH) servers for much more security and privacy as you use the browser in your everyday life.
The insecure DNS servers, as set in the network interface settings of your computer, allow the domain name resolution queries sent to DNS servers to be read by someone sitting in the middle such as your ISP. But with secure and encrypted DoH, nobody can know which domain names you are trying to access.
However, some security experts are not happy with Mozilla’s decision to include TRR in the web browser. They are arguing that it should not be enabled for everyone, especially the security conscious users who have configured their network to use trustworthy DNS servers (source: slashdot.org). If you are one of those Firefox users who want to use the DNS servers configured with your network interface instead of DoH, then here is how you progress:
- Type about:config in the address bar and press Enter.
- When warning appears, click on the I accept the risk button.
- In the search box type network.trr.mode to find the settings we want.
- Double-click on network.trr.mode and set its value to 5.
- After this, Firefox will not try to use DoH even if you have configured the DoH server in the settings.
When you set the network.trr.mode value to 5, it means that you have made a choice to turn off TRR and prevent Firefox from using DoH. You can also set its value to 0, which is also the default value and it also turns off TRR but with a difference that it makes Firefox think that TRR is off because you have not configured DoH servers yet.
network.trr.mode causes a failure to lookup domains if a proxy is used in 60.9.0esr.