How to protect your web surfing using Firefox, or prevent any Govt agencies from knowing what sites you visit (as long as the IP address of the site you're visiting is hosting multiple sites).

Start Firefox, and do these steps:


Enter about:config in the URL/address bar and press enter.
Enter network.security.esni.enabled in the search bar and set it to true by double clicking it.
Enable Trusted Recursive Resolver by searching for network.trr.mode and set it to 2 (use DNS over HTTPS as first choice, but fallback tor regular DNS), or set it to 3 (to always use DNS over HTTPS)
Enter network.trr.uri and use https://mozilla.cloudflare-dns.com/dns-query
Enable TLS 1.3 by searching for tls.version.max and change the value to 4.
Restart Firefox and visit https://www.cloudflare.com/ssl/encrypted-sni/ then click Check my browser. If you get ticks/checks on Secure DNS, TLS 1.3 and Encrypted SNI, your browsing is now very secure.
How do you check this? Ping the site you're visiting from a command line, eg, ping sbf.net.nz
Then from the same command line, run tracert or traceroute IPaddress, eg, tracert 104.25.33.6 or traceroute 104.25.33.6 and if the IP address is on a Content Distribution Network such as AWS, Cloudflare, etc, you're quite safe.
You need to be using Firefox 67 or later. (Earlier versions might work, if they list all the items above when you search for them).


238276

238277

238278

238279

238281

238280

238282

238283

This is far too complicated for the majority of people who simply access the site with their default browser on their phones or tablets.

The average website visitor today knows far less about what is going on behind the browser compared to 20 years ago.

When I request someone to send me the URL of a message that they are complaining about the answer I am most likely to get is "what is that?".

Most mobile devices don't even display the full url of a message when in their default setting.