cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Firefox has DNS leak security issue

LeslieAlexander
Making moves

When I was using a proxy to surf the Internet, to ensure my security, I checked the DNS leak status. When I use Firefox, the query results show that my DNS is leaked and the DNS is my real DNS. However, when I use Chrome to query, there is no DNS leak. This is a serious security issue. Please Mozilla in time. repair. (The website I used to query DNS leaks is https://ipleak.net)

11 REPLIES 11

JonesBones
Making moves

Might be caused by WebRTC. Try to set media.peerconnection.enabled to False under about:config if test in that site does not say "No leak" for WebRTC test.

Also might be caused by DNS over HTTPS.

Anonymous
Not applicable

No, the issue still there. I'm in China. My proxy is in Switzerland. It detected my DNS from China and Switzerland.

Chloé
Making moves

I’ve encountered the same issue. In Firefox version 122, there is a DNS leak even though I haven’t installed any extensions. I’ve disabled WebRTC and DNS over HTTPS features, but the problem persists. When I switch to Edge with the same proxy configuration, there is no DNS leak.

 

Chloé
Making moves

If you are using the Clash Meta new kernel, please consider switching back to version 1.16.0. This should prevent DNS leaks. 

No, I use V2RayN

Bunnyben
Making moves

Browsers must maintain users' privacy and security, especially when using proxies or VPNs. Here are a few steps you can take to mitigate this issue:

  1. Update Firefox: Ensure you're using the latest version of Firefox. Developers often release updates to address security vulnerabilities and improve overall performance.

  2. Check Firefox Settings: Review Firefox's settings related to DNS and proxy configurations. Sometimes, misconfigurations or conflicting settings can lead to leaks.

  3. Use Firefox DNS-over-HTTPS (DoH): Firefox supports DNS-over-HTTPS, which encrypts DNS queries and helps prevent DNS leaks. You can enable this feature in Firefox's settings.

  4. Report the Issue to Mozilla: If you've confirmed the DNS leak issue persists in the latest version of Firefox and after checking your settings, consider reporting it to Mozilla. They take security and privacy seriously and will investigate and address the issue if necessary.

  5. Consider Alternative Browsers: While waiting for a fix, you may want to use an alternative browser like Chrome or another trusted option that doesn't exhibit the same DNS leak problem.

  6. Use a DNS Leak Testing Tool: Continuously monitor your browser's behavior using DNS leak testing tools like the one you mentioned (ipleak.net) to ensure your privacy and security are maintained.



                                                                                                                       kuwait civil id status

Whether I turn on DNS Over Https or not, The issue is still there. So How Can I report it to Mozilla? The reason I post here is precisely because I want Mozzilla to fix this problem.

LeslieAlexander
Making moves

I found that in the latest Firefox Version 123.0 this issue is still there. Please fix it as quickly as possible

Gorman42
Making moves

I find the same problem. Tried everything but FF still leaks DNS. Same configuration in Chromium does not.

jscher2000
Leader

If I understand how this test works, the result means that Firefox is not sending DNS requests through the proxy server, it is still using the same DNS servers as when you are not using a proxy.

Could you check the Connection Settings dialog? There is a checkbox at the bottom related to sending DNS requests through the proxy. I have not tested it myself. Here is the support article:

https://support.mozilla.org/kb/connection-settings-firefox

Meanwhile, if you use about:config, you also can confirm that the network.proxy.socks_remote_dns preference is set to true after saving that change.

Any difference on the DNS leak test?

Yuqian
Making moves

Tried enable network.proxy.socks_remote_dns, leaks still persist. Under the same env, Edge does not leak. FYI, using the latest 124.0.2.

 

Update: Force using DoH resolve the issue, but Edge does require this.