Description: Canaries exclusively communicate with your Canary Console over DNS by default. This is done by encapsulating all the data the Birds send as DNS requests. For more on how we achieved this with a proprietary method. See our DNS Tunnelling page.
Introducing DNS over HTTPS (DoH), available in most Canaries from version 3.0.0 and up, DoH enables all communications to be done over the HTTPS protocol. Whilst the Canaries already employ a custom encryption method for all data sent, DoH applies another layer of encryption on top of that increasing the level of privacy and security by preventing eavesdropping and manipulation of any DNS requests.
Note: Container Canaries do not support DoH as their networking is handled entirely by their host.
Note: Your Canary will use Cloudflare's DoH service as default, this can however be changed to your preference in the setup dialogue.
Note: We provide an option to set up an HTTP Proxy, this is completely optional and only needs to be configured if you require all HTTP/s traffic to be redirected through your local proxy first.
Note: If your environment requires DoH to be configured and are unable to manage your Bird through the Console, configure DoH locally on the Bird either through the local web interface or the interactive menu on your Virtual Canary.
To set up DoH on a Canary connected to your Console click here.
To set up DoH on a Virtual Canary click here.
To set up DoH on a Hardware Canary through the local web interface click here.
DoH Setup through Console
Step 1:
Log in to your Console.
Step 2:
Click on the Canary you would like to set up DoH for.
Note: We have selected "CT-office-01".
Click on the Configure Canary button.
Enable DoH by clicking on the toggle. The options will be populated with Cloudflare's DoH service by default, you can change this to your preferred provider by completing the text fields.
Step 3:
Once you've made the DoH changes, you will then need to click on Deploy new configuration.
Step 4:
Your DoH configuration will be pushed down to your Canary. Once it gets to 100%, your Canary will then reboot and connect back to your Console with the new configuration.
DoH Setup on a virtual Canary
Step 1:
Boot your Virtual Canary.
Step 2:
Insert the username "canary" and hit "Enter"
Step 3:
Type out the password found on your Canary Consoles and hit "Enter"
Step 4:
Scroll down to DNS over HTTPS (DoH) and hit "Enter"
Step 5:
The options will be populated with Cloudflare's DoH service by default, you can change this to your preferred provider by completing the text fields, once complete "Tab" to Enable DoH and hit "Enter"
(Please note to add http:// prefix to the Proxy address, eg. http://192.168.0.1:8080)
DoH Setup on the local Web UI over Bluetooth/Config mode.
Step 1:
Connect to your Canary over the Bird's UI by taking the Canary back into config mode (Guide found here) and then using the relevant 4-minute setup guide from our help section here.
Step 2:
Enable DoH by clicking on the checkbox. The options will be populated with Cloudflare's
DoH service by default, you can change this to your preferred provider by completing the text fields.
Once logged in to your Console, return to the Canary configuration tab, scroll to the bottom of the page and click Deploy new configuration.
Step 3:
Your re-configured Canary now needs to update its settings with the Console. Open another browser tab to your Console and log in.
Step 4:
Your Canary will then locate your Console that was Opened in another browser tab and update the Canary settings.
Note: If your Canary fails to automatically pair see offline registration.
Step 5:
Your Canary will then reboot and the LED Status will go orange shortly after powering on, briefly flash to red and then switch to green.
If the LED status goes orange and then stays red, there has possibly been a misconfiguration, you can simply put the Canary into the Bluetooth config mode (blue LED) and reconfigure it as per the above steps.