Your ISP can see everything you do online. Every site, search, and click is diligently logged by the company that provides your internet connection, logging your online presence. Maybe it’s for analysis, but maybe it’s waiting to be sold to the highest bidder at a later date.
The good news is that you don’t always need to do a great deal to claw back some privacy, and it doesn’t involve downloading any more software. Instead, there are a few browser-based privacy settings you can tweak to stop your ISP from snooping on most of what you do online.
I ran a DNS speed test and Google’s 8.8.8.8 wasn’t even in the top two
The only way to find the fastest DNS is to test it yourself.
What your ISP can see when you’re browsing the internet
Everywhere you go, your ISP will know
To get online, you typically need an Internet Service Provider (ISP) to connect you. You’re basically asking a telecoms provider to hook you up to the World Wide Web and everything that comes with it. But that comes with some trade-offs, not least that they log pretty much everything you do.
That’s not always because your ISP is hell-bent on exposing your data. Often, the powers-that-be demand ISPs log data because it turns out that tracking everything we do online is a really easy way to keep general tabs on the population. And in certain countries, that tracking goes even further.
Without protection or changing any settings, your ISP can see a broad spectrum of your online activity.
|
Data Type |
Can Your ISP See It? |
What It Reveals |
Privacy Impact |
|---|---|---|---|
|
DNS requests |
Yes (by default) |
Exact websites you visit (e.g., example.com) |
🔴 High |
|
Full URLs (HTTPS) |
No |
Specific pages (e.g.,/account/settings) are hidden |
🟢 Low |
|
Website content |
No |
What you read, type, or watch is encrypted |
🟢 Low |
|
IP addresses you connect to |
Yes |
General idea of which service/platform you’re using |
🟡 Medium |
|
Unencrypted HTTP traffic |
Yes |
Everything (rare, but still exists) |
🔴 High |
|
Data usage |
Yes |
How much data you use and rough activity patterns |
🟡 Medium |
|
Connection timestamps |
Yes |
When you’re online and for how long |
🟡 Medium |
|
Search queries |
Sometimes |
Can leak via DNS or browser features |
🔴 High |
|
Encrypted DNS (DoH/DoT) |
No |
Hides domain lookups from your ISP |
🟢 Low |
That’s why making tweaks to your browser is so worthwhile. You won’t become completely invisible, but it cuts off some of the biggest and easiest ways your browsing is tracked.
Stop using your ISP’s default DNS settings
You can easily change this in browser
Every time you visit a website, your device sends a DNS (Domain Name System) request. It’s basically asking: “What’s the IP address for this domain?” By default, that request goes through your ISP’s DNS servers, which means they can log every domain you look up.
So, even if your browsing traffic is encrypted with HTTPS (like most web traffic now), your ISP can still see the sites you visited.
The fix is switching to an encrypted DNS provider (DNS over HTTPS — DoH), which you can enable in your browser. Instead of sending all of your DNS requests in plaintext, DoH encrypts your requests so that they’re unreadable by outside sources. DoH uses the same encryption standards as those that protect your web traffic, as part of the HTTPS standard that secures most of the web.
How to enable DoH in your browser
Giving steps for every single browser out there would be very time-consuming, but we have a simple workaround: most browsers are Chromium-based, which means the settings and menus are very similar. I tracked down the DoH settings in the most popular browsers (Chrome, Edge, Firefox, Opera, and Vivaldi — Safari doesn’t support DoH at the browser level, but it is available in macOS), and the following steps worked each time:
- Open your browser and head to the Settings menu.
- Input DNS in the search bar.
- Scroll through and find the highlighted DNS sections, then toggle either secure DNS or DNS over HTTPS.
Most browsers have a dropdown menu with DoH providers, such as OpenDNS, CleanBrowsing, Google’s Public DNS, Cloudflare, and more. If you’re unsure, Cloudflare is always a good option.
TIP: Don’t stop with your browser DNS, as this only applies to in-browser data. Applying encrypted DNS to your entire operating system boosts your privacy even more.
Turn off page preloading, network prediction, and more
Send as little data as possible
Modern browsers use a few different techniques to speed up the browsing process, such as page preloading and network prediction, which help load pages in advance so they open instantly when you click.
The problem is that this often means your browser is making connections in the background without you explicitly visiting a site. That can include DNS lookups, preconnections to servers, and even partial page loads based on what your browser thinks you’re about to do.
You’re effectively generating extra browsing data that doesn’t reflect your actual activity, which can muddy the waters and leak more information than necessary. While this isn’t as directly visible to your ISP as standard DNS requests, it still increases the number of external connections your device makes.
You can disable this with a few steps, which are applicable across Chromium browsers:
- Head to Settings > Performance
- Scroll down to Speed
- Disable Preload pages
Your browser will stop preloading pages, giving you a tiny privacy boost.
However, you have to consider the privacy boost versus your browsing experience feeling slower. Preloading pages in either the Standard preloading or more advanced Extended preloading modes does speed up browsing; it’s down to your priorities.
Switch on HTTPS in every situation
Different names in different browsers
Even after locking down your DNS and disabling prefetched pages, there is still one small gap left: not every connection automatically uses encryption.
Most modern websites support HTTPS, which encrypts the data between your device and the site you’re visiting. But in some cases—especially with older links, redirects, or mistyped URLs—your browser might still attempt to connect over HTTP first. When that happens, the connection isn’t encrypted, and your ISP can see far more than you’d expect, including the full page you’re visiting.
And that’s exactly when you need a HTTPS Only Mode (Firefox) or Always use secure connections (Chrome and most Chromium-based browsers). It forces your browser to always try the secure HTTPS version of a site before anything else. If a secure connection isn’t available, your browser will either warn you or block the connection entirely, depending on your settings.
- In Chrome, head to Settings > Privacy and security > Security
- Toggle Always use secure connections
Alternatively, if you’re using Firefox:
- Head to Settings > Privacy & security
- Then, under Security, select Enable HTTPS-Only mode in all windows
Once enabled, your browser will automatically upgrade connections to HTTPS and alert you before connecting to a non-secure site.
I replaced my ISP’s DNS without touching my router and got faster, safer browsing
You’re probably using the wrong DNS and don’t know it.
This isn’t a VPN replacement, but it’s all worth doing
These changes are part of a wider focus on protecting your privacy from your ISP. In combination, they’ll help to lock down your browser and protect your data, but unfortunately, it’s not all you need.
The browser changes don’t replace a VPN, and they don’t make you fully anonymous. If someone really wants to analyze your traffic, there are still ways to make educated guesses about what you’re doing.
But most importantly, you’re removing a huge amount of the default, passive tracking behavior that ISPs can pick up because you do nothing at all.
- OS
-
Windows, macOS, Linux, Android, iOS
- Price model
-
Free
