cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Firefox has DNS leak security issue

LeslieAlexander
Making moves

When I was using a proxy to surf the Internet, to ensure my security, I checked the DNS leak status. When I use Firefox, the query results show that my DNS is leaked and the DNS is my real DNS. However, when I use Chrome to query, there is no DNS leak. This is a serious security issue. Please Mozilla in time. repair. (The website I used to query DNS leaks is https://ipleak.net)

19 REPLIES 19

JonesBones
Making moves

Might be caused by WebRTC. Try to set media.peerconnection.enabled to False under about:config if test in that site does not say "No leak" for WebRTC test.

Also might be caused by DNS over HTTPS.

Anonymous
Not applicable

No, the issue still there. I'm in China. My proxy is in Switzerland. It detected my DNS from China and Switzerland.

Chloé
Making moves

I’ve encountered the same issue. In Firefox version 122, there is a DNS leak even though I haven’t installed any extensions. I’ve disabled WebRTC and DNS over HTTPS features, but the problem persists. When I switch to Edge with the same proxy configuration, there is no DNS leak.

 

Chloé
Making moves

If you are using the Clash Meta new kernel, please consider switching back to version 1.16.0. This should prevent DNS leaks. 

No, I use V2RayN

Bunnyben
Making moves

Browsers must maintain users' privacy and security, especially when using proxies or VPNs. Here are a few steps you can take to mitigate this issue:

  1. Update Firefox: Ensure you're using the latest version of Firefox. Developers often release updates to address security vulnerabilities and improve overall performance.

  2. Check Firefox Settings: Review Firefox's settings related to DNS and proxy configurations. Sometimes, misconfigurations or conflicting settings can lead to leaks.

  3. Use Firefox DNS-over-HTTPS (DoH): Firefox supports DNS-over-HTTPS, which encrypts DNS queries and helps prevent DNS leaks. You can enable this feature in Firefox's settings.

  4. Report the Issue to Mozilla: If you've confirmed the DNS leak issue persists in the latest version of Firefox and after checking your settings, consider reporting it to Mozilla. They take security and privacy seriously and will investigate and address the issue if necessary.

  5. Consider Alternative Browsers: While waiting for a fix, you may want to use an alternative browser like Chrome or another trusted option that doesn't exhibit the same DNS leak problem.

  6. Use a DNS Leak Testing Tool: Continuously monitor your browser's behavior using DNS leak testing tools like the one you mentioned (ipleak.net) to ensure your privacy and security are maintained.



                                                                                                                       kuwait civil id status

Whether I turn on DNS Over Https or not, The issue is still there. So How Can I report it to Mozilla? The reason I post here is precisely because I want Mozzilla to fix this problem.

To report the issue to Mozilla and ensure they can investigate and address it, you can follow these steps:

1. Use Mozilla’s Bug Reporting Tool:

  • You can report the issue through Mozilla’s official Bugzilla platform, which is used to track bugs and technical issues.
  • Here’s how you can do it:
    1. Visit Mozilla’s Bugzilla website.
    2. Create an account or log in.
    3. Click on File a Bug.
    4. Select the appropriate product (e.g., Firefox).
    5. Fill in the required information, including a detailed description of your issue.
    6. Attach any relevant files or screenshots that could help them understand the problem.
    7. Submit the report.

2. Use Firefox's Built-in Reporting Tool:

You can also report the issue directly from your Firefox browser:

  • Click the Firefox menu (three horizontal lines in the top right).
  • Go to HelpSubmit Feedback.
  • This will redirect you to a page where you can describe your issue or suggestion in detail.

3. Engage on Mozilla Connect:

If you'd like to share your issue directly with the community and Mozilla staff, you can post it on Mozilla Connect. Provide a detailed description of your problem, and explain that the DNS Over HTTPS setting didn’t resolve it, so you're seeking further support or a bug fix.

LeslieAlexander
Making moves

I found that in the latest Firefox Version 123.0 this issue is still there. Please fix it as quickly as possible

Gorman42
Making moves

I find the same problem. Tried everything but FF still leaks DNS. Same configuration in Chromium does not.

jscher2000
Leader

If I understand how this test works, the result means that Firefox is not sending DNS requests through the proxy server, it is still using the same DNS servers as when you are not using a proxy.

Could you check the Connection Settings dialog? There is a checkbox at the bottom related to sending DNS requests through the proxy. I have not tested it myself. Here is the support article:

https://support.mozilla.org/kb/connection-settings-firefox

Meanwhile, if you use about:config, you also can confirm that the network.proxy.socks_remote_dns preference is set to true after saving that change.

Any difference on the DNS leak test?

Yuqian
Making moves

Tried enable network.proxy.socks_remote_dns, leaks still persist. Under the same env, Edge does not leak. FYI, using the latest 124.0.2.

 

Update: Force using DoH resolve the issue, but Edge does require this.

lilly
Making moves

In the meantime, you can try a few workarounds to mitigate the issue:

1. Enable DNS over HTTPS (DoH) in Firefox. This can help encrypt your DNS queries and prevent leaks. To do this, go to Settings > General > Network Settings > Settings, and select "Enable DNS over HTTPS".
2. Use a VPN (Virtual Private Network) extension in Firefox. This can help encrypt your internet traffic and prevent DNS leaks.
3. Consider using a different browser, like Chrome, which appears to be working correctly for you.

 

                                                                                                                          kuwait civil id status

HOWEMI
Making moves

The Emirates ID fine check allows residents of the UAE to verify any penalties related to their national ID card, such as late renewal or incorrect information. Fines can be checked online through the Federal Authority for Identity, Citizenship, Customs, and Port Security (ICP) website or mobile app.

singhh9596
Making moves

Mine passes. I have no such dns leak issues

Chloé
Making moves

I started a brand new windows 11 VM, installed firefox 130.0.1, set the windows system proxy, and set the firefox network setting to “use system proxy”. Visiting “ipleak.net” brings up both the ISP DNS server and the proxy node's server, and using Wireshark there are also records sent to the default DNS server. If Firefox has DNS over HTTPS enabled, or if you set up a proxy server manually, there will be no DNS leakage. The same proxy software configuration on Chrome and Edge did not find DNS leakage.

 

NightFuture
Making moves

Same problem. For some reason using system proxy causes dns leak. Using Max Protection setting, choosing Custom and then entering my proxy server address (in my case it's localhost) solves the problem but i can't surf the net if i disable system proxy and changing settings every time i change my system proxy settings is too annoying. I can also choose some dns provider from the list but i don't want to. I just want firefox to proxy my dns requests when system proxy is on automaticaly.
I checked Google Chrome and it works just as i expected out of the box.

 

knollet
Making moves

I probably have a related problem:
I have a system proxy set (As far as I know it's a http proxy), and don't have access to public DNS. External DNS is not resolved on our internal DNS. Access is only possible via proxy.

Upon opening external pages, Firefox just sits there waiting some seconds before loading the page. Internal (resolvable) pages load fast. Edge doesn't have this problem.
Our DNS takes a time to answer that it doesn't know an external site (tried with nslookup and ping), so I suspect that Firefox asks the DNS before opening pages, and this takes a while for external pages (with negative answer) but not for internal pages. As the request goes through the proxy, anyway, after this, I ask myself why Firefox has to use the DNS (and thereby also leaking the lookup).

(128.5.0esr (64-Bit) on Win11)