Doesn't work, questions + any recommendations on how to debug?

[aderchox]

I've installed the proxy on a server abroad the geo-blocked region, and took all the steps successfully (including issuing the certificate) without any errors. The server also says it's Active. I'm also receiving requests on the /dns-query path on Nginx, however, browser DoH proxy clients don't recognize it as valid, and Edge as an instance, shows this:

I wonder if this is an issue with using a .ir domain name?
The domain records are on Cloudflare, but maybe due to DNS requests taking a recursive path, a .ir domain will still encounters issues on its way? Maybe ccTLDs can block DoH? How do I debug this?
Thanks in advance.

[aderchox]

Also another question.
I've read somewhere that hackers could abuse such servers! I'd be grateful if you explain whether this is true, and if it is, explain how they can abuse it?
The only thing a DNS server does is, give the IP address corresponding to a domain name, so assuming I've hardened the security of my server properly (there's no faith in any amount of security hardening, but just let's assume that it's secured and cannot be spoofed), I can't imagine how hackers could abuse an impenetrable DoH server to harm any targets?
Of course it is possible to block IPs other than mine, but considering the dynamic nature of home public IP addresses issued by ISPs, I suspect this option is barely useful.