by wkat4242 873 days ago
Blocking DoH at the router is almost impossible because it looks exactly the same as other HTTPS traffic.

The only option is to do a man in the middle like some business firewalls (e.g. Zscaler) do.

I don't like DoH much either because apps can use it to bypass my local Pi-hole. But blocking it is hard when an app hardcodes its own DoH server.

DoH is really a solution for a US problem that we in Europe don't have. Here it's illegal for ISPs to use deep packet inspection to datamine their customers.

1 comments

Blocking DoH at the router is almost impossible because it looks exactly the same as other HTTPS traffic.

I covered that in the comment next to this one.