Use Encrypted DNS Whenever Possible
DNS can leak, so make sure no DNS requests bypass your VPN or P2P connection.

Even with a secure network, DNS leaks can still occur. It’s worth verifying that no requests are being split-tunneled.
To keep my DNS traffic safe, I use DNSCrypt, which encrypts DNS requests and protects against threats like DNS spoofing and man-in-the-middle attacks. I use public, no-log DNS servers for more privacy. DNSCrypt doesn’t stop leaks. It just secures the traffic. To make my privacy stronger, I use dnscrypt-proxy2 to send DNS requests through Tor.
Hint: Firefox uses DNS-over-HTTPS (DoH) by default, routing requests through Cloudflare DNS. It’s a good idea to switch to an alternative provider or disable DoH for better control over your DNS privacy.