How to block HTTP3/QUIC

January 24, 2022

I've been seeing a lot about HTTP/3 lately and how great it is...

Unfortunately it seems to provide no real benefit to anyone unless you are in the business of tracking users.

Check out A QUIC Look at Web Tracking if you have not already.

A 128 bit identifier plus tracking across network changes.. seems like a great tradeoff for a few ms of your time, right?

Fortunately the QUIC protocol uses udp 80 and 443, which allows you to easily block it using ufw (or better yet would be to block it on your router).

sudo ufw deny out proto udp to any port 80
sudo ufw deny out proto udp to any port 443

Make sure it is active by running sudo ufw status .

Now you can try testing with and it will always say HTTP/2 irregardless of what the browser setting is.

Update: If you want to do this on an android device the dns66 app does it out of the box.

In summary, if you care about respecting privacy at all, block QUIC. I used to get excited about new technology... now it seems new technology often falls under the definition of "malware" (for the user anyways).

Have a good day!