Firefox Setup
Firefox has a dedicated DNS over HTTPS section with different protection levels. Easy HNS works best when you deliberately choose the resolver you want Firefox to use.
At a glance
Best for
Firefox users who want a self-contained browser setup.
Protocol
DoH
Coverage
Browser-only
Setup time
1 to 2 minutes
Main input
https://dns.easyhns.com/dns-query
Firefox Setup stays focused on the shortest accurate path for this platform.
Guide summary
Before you start
Check 01
Use a current Firefox build.
Check 02
If you want Firefox to stay on Easy HNS even when the network changes, choose a stronger protection level instead of default.
Use the right field for the right input.
URL fields need the full DoH URL. Hostname fields need the DoT hostname only. IP fields need the raw address only.
Custom provider URL
https://dns.easyhns.com/dns-query
Use this as the Firefox DNS over HTTPS provider.
Short steps, no filler.
Follow the route in order, then verify the active DNS setting before changing another layer.
Step 01
Open the DNS over HTTPS settings
Open Firefox, go to Settings, select Privacy & Security, and scroll to the DNS over HTTPS section.
Step 02
Choose the protection mode you want
Use Increased Protection if you want Firefox to stay on your chosen provider with softer fallback behavior. Use Max Protection if you want Firefox to stay fully strict and warn when secure DNS cannot be used.
Step 03
Select Easy HNS as the provider
Pick the custom provider option and paste https://dns.easyhns.com/dns-query.
How to verify
Open a Handshake domain in Firefox.
Check the DNS over HTTPS status in Settings if Firefox says secure DNS is not active on the current network.
Troubleshooting
If Firefox reports Not active, the network, VPN, parental controls, or enterprise policies may be telling Firefox not to use DoH.
If a domain only works when protection is set to Default, your network may be forcing fallback behavior.
Important note about Handshake website security warnings
Using Easy HNS gives you convenient access to Handshake domains, but standard browsers may still show security warnings for some Handshake websites.
Why? Because most mainstream browsers do not natively validate Handshake trust and DANE/TLSA in the same way they validate the conventional HTTPS web.
As a result:
- some Handshake websites may load over HTTP;
- some may show a browser warning or missing secure indicator;
- this is often a browser trust-model limitation, not automatically proof that the website is malicious.
If you want a stronger Handshake-native browsing experience with DANE/TLSA support, use Fingertip for desktop.
Using a VPN?
Easy HNS still works well with VPNs, but browser Secure DNS can override router or system DNS, and some VPN apps force their own resolver. Use 51.24.7.1 only in IP fields, use https://dns.easyhns.com/dns-query only in DoH fields, and verify which layer is actually winning.
Setup guide
Chrome
Use Chrome Secure DNS and point it at the Easy HNS DoH URL.
Protocol
DoH
Scope
Browser-only
Time
1 minute
Setup guide
Brave
Brave follows the same Secure DNS pattern as other Chromium browsers, with its own settings page.
Protocol
DoH
Scope
Browser-only
Time
1 minute
Setup guide
Advanced
Exact Easy HNS endpoints for manual clients, custom templates, scripts, and infrastructure tooling.
Protocol
DoH, DoT, plain DNS
Scope
Varies
Time
Depends on platform