Dns over https in browsers + webrtc leak on/off

Rock.87
Rock.87 Defender of the month ✭✭✭

is it necessary to switch browser's DNS over HTTPS feature off to avoid any expected conflicts with bitdefender vpn ?


webrtc's :

Should b.defender vpn users fix ( Switch off ) the webrtc in firefox/chrome.brave etc to let the vpn fully secure the internet traffic ? or bitdefender vpn installed along with bitdefender total security ( premium ) ll take care of it? here is an example :

Can Enabling WebRtc be a Threat to user's privacy ?

Best Answer

  • Alexandru_BD
    Alexandru_BD admin
    Answer ✓

    Hello again @Rock.87 🙂

    So, in regard to DNS over HTTPS, ideally it should be OFF in all the applications used (browsers, torrents, etc.), especially when using a security solution and VPN application. When the VPN is connected to the server, domain resolution is done by the VPN DNS server, which brings several benefits:

    First, there's the obvious privacy benefit. Although this is also valid with the setting of DNS over HTTPS, but not if you use Google DNS. 🙂
    Secondly, unlocking restricted content depending on the geographical region is also a benefit worth mentioning.
    And third, Bitdefender VPN blocks ads and trackers based on DNS requests. If they are already encrypted by certain applications (DNS over HTTPS in browsers) this feature will NOT work.

    Last but not least, there's webrtc. Bitdefender solutions offer protection to avoid webrtc leaks (Bitdefender VPN) as well as vulnerabilities (Bitdefender Total Security) that may appear with the use of this communication protocol, but the recommendation is to disable the setting if it's not strictly necessary.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

Answers

  • I am also interested in this topic as I regularly connect a corporate Guest Network using a personal device. I always connect using bitdefender vpn when doing so.

    I'm not an expert but I read that most vpn providers route DNS queries through their own DNS servers for privacy. If DoH is enabled in Firefox, your DNS queries might bypass the VPN's DNS and still go the browser's resolver (e.g. Cloudfare).

    Hope someone else can chime in.

  • Rock.87
    Rock.87 Defender of the month ✭✭✭
    edited October 18

    Hi , you said :

    So, in regard to DNS over HTTPS, ideally it should be OFF in all the applications used (browsers, torrents, etc.)
    1 : Plz provide few famous names of the softwares after '' browsers & torrents '' to let me better understand.
    2 : now come to the next line '' especially when using a Security Solution and VPN application '' i understand that we should disable DOH while using a vpn due to the expected conflicts but if i am using some browser without vpn along with bitdefender total security or any other security solution installed on my p.c./cell phone , why should i disable DOH in that case as you ve recommended.
    3- Is there any bitdefender's provided DNS for paid/free users to let them avoid dns leaks risks without using it's vpn ? ( as it reduce speeds & not required all the time ) Because firefox or other browsers offer DNS protection only if its available. anyway why that protection is not available all the time & does bit.vpn provides such kind of protection all the time if active ?
    4 : which is the best alternate of my isp's or google dns ? cloudflare ?