In windows 11, how to enable dns over https (doh)

How to

DNS over HTTPS encrypts DNS traffic for enhanced security and privacy. Here are some simple steps on how to enable DNS over HTTPS in Windows 11.

Microsoft has long promoted DNS over HTTPS. If not for Windows 11, it would have been an important feature of Windows 10. Fortunately, Windows 11 includes DNS over HTTPS functionality. This Windows 11 Quick and Simple Guide explains how to enable DNS over HTTPS in Windows 11 and how to configure it.

Contents
  1. What is DNS over HTTPS Before we get into DNS over HTTPS (DoH), we first need to know what DNS means. Simply put, the Domain Name System (DNS) translates human-readable website addresses into corresponding IP addresses. For example, if you try to open a website such as bing.com or google.com, the DNS server takes that domain name and translates it into the corresponding IP address. This is called a DNS query. Think of the DNS like a phone book. Without a DNS server, it would have to remember the literal IP address of each website. As you can imagine, that would not be good. The above is a very brief explanation of what DNS is. If you are interested, please read this Cloudflare blog post to understand more about DNS. DNS queries are usually unencrypted. This means that anyone monitoring your network packets can easily see which websites you are visiting. This is true even if the website uses HTTPS protection. Unencrypted DNS queries are also susceptible to man-in-the-middle attacks. In these attacks, the attacker modifies the DNS response and redirects unsuspecting users to a malicious website. When DNS over HTTPS is enabled, all DNS queries are encrypted. For DNS over HTTPS to work, both the operating system/application and the DNS server endpoints must be supported. Fortunately, the Windows 11 operating system and most major DNS services such as Cloudflare and Google Public DNS support DNS over HTTPS. Enabling DNS over HTTPS in Windows 11 To enable DNS over HTTPS in Windows 11, follow these steps. Next, launch the “Settings” app by pressing the Windows key + I hotkey. In the “Settings” app, select “Network and Internet” in the sidebar and click the “Properties” option under the main heading. Next, click the “Edit” button next to the “DNS Server Assignment” option. This will enable and configure the DNS over HTTPS feature. Select “Manual” from the first drop-down menu. Next, turn on “IPv4”. Next, enter one of the following IP addresses in the “DNS Preferred” field. We recommend using Cloudflare DNS. Cloudflare DNS – 1.1.1.1 Google Public DNS – 8.8.8.8 Quad9 – 9.9.9 “Preferred DNS encryption” drop-downSelect the “Encrypted only (DNS over HTTPS)” option from the menu. Next, enter one of the following IP addresses in the “Alternative DNS” field. It is recommended that you use the same DNS service that you used in the “Preferred DNS” field. For example, we used Cloudflare DNS (1.1.1.1) as our Preferred DNS, so we use 1.0.0.1 as our Alternate DNS. Cloudflare DNS – 1.0.0.1 Google Public DNS – 8.8.4.4 Quad9 – 149.112.112.112 Next, from the “Alternative DNS Encryption” drop-down menu, selectEncryption Only (DNS over HTTPS)”. Finally, click the “Save” button to apply the DNS over HTTPS settings. Restart your computer so that all changes are applied to your operating system, and you are ready to go. From this point on, all DNS queries made by your computer will be encrypted. You can check on this page to see if this is the case. If the DNS over HTTPS feature is working as intended, you will see “Yes” next to the “Using DNS over HTTPS (DoH)” header. If you are using IPv6, it is recommended that you set up IPv6 DNS in the same way as IPv4 DNS. IPv6 DNS addresses that can be used for DoH setup, as well as preferred and alternate addresses, are listed below. Cloudflare – 2606:4700:4700::1111 & 2606:4700::1001 Google Public DNS – 2001:4860:4860::8888 & 2001:4860:4860::8844 Quad9 – 2620:fe::fe & 2620:fe::9 That’s it. It’s as simple as enabling or disabling DNS over HTTPS in Windows 11. In case you are wondering, you can use any DNS service that supports DoH. Hope this helps. If you get stuck or need help, please comment below. YouTube video: In Windows 11, how to enable DNS over HTTPS (DoH)
  2. Enabling DNS over HTTPS in Windows 11
  3. YouTube video: In Windows 11, how to enable DNS over HTTPS (DoH)

What is DNS over HTTPS

Before we get into DNS over HTTPS (DoH), we first need to know what DNS means.

Simply put, the Domain Name System (DNS) translates human-readable website addresses into corresponding IP addresses. For example, if you try to open a website such as bing.com or google.com, the DNS server takes that domain name and translates it into the corresponding IP address. This is called a DNS query. Think of the DNS like a phone book. Without a DNS server, it would have to remember the literal IP address of each website. As you can imagine, that would not be good. The above is a very brief explanation of what DNS is. If you are interested, please read this Cloudflare blog post to understand more about DNS.

DNS queries are usually unencrypted. This means that anyone monitoring your network packets can easily see which websites you are visiting. This is true even if the website uses HTTPS protection. Unencrypted DNS queries are also susceptible to man-in-the-middle attacks. In these attacks, the attacker modifies the DNS response and redirects unsuspecting users to a malicious website.

When DNS over HTTPS is enabled, all DNS queries are encrypted. For DNS over HTTPS to work, both the operating system/application and the DNS server endpoints must be supported. Fortunately, the Windows 11 operating system and most major DNS services such as Cloudflare and Google Public DNS support DNS over HTTPS.

Enabling DNS over HTTPS in Windows 11

To enable DNS over HTTPS in Windows 11, follow these steps. Next, launch the “Settings” app by pressing the Windows key + I hotkey. In the “Settings” app, select “Network and Internet” in the sidebar and click the “Properties” option under the main heading.

Next, click the “Edit” button next to the “DNS Server Assignment” option. This will enable and configure the DNS over HTTPS feature.

Select “Manual” from the first drop-down menu. Next, turn on “IPv4”. Next, enter one of the following IP addresses in the “DNS Preferred” field. We recommend using Cloudflare DNS.

  • Cloudflare DNS – 1.1.1.1
  • Google Public DNS – 8.8.8.8
  • Quad9 – 9.9.9

“Preferred DNS encryption” drop-downSelect the “Encrypted only (DNS over HTTPS)” option from the menu.

Next, enter one of the following IP addresses in the “Alternative DNS” field. It is recommended that you use the same DNS service that you used in the “Preferred DNS” field. For example, we used Cloudflare DNS (1.1.1.1) as our Preferred DNS, so we use 1.0.0.1 as our Alternate DNS.

  • Cloudflare DNS – 1.0.0.1
  • Google Public DNS – 8.8.4.4
  • Quad9 – 149.112.112.112

Next, from the “Alternative DNS Encryption” drop-down menu, selectEncryption Only (DNS over HTTPS)”.

Finally, click the “Save” button to apply the DNS over HTTPS settings. Restart your computer so that all changes are applied to your operating system, and you are ready to go.

From this point on, all DNS queries made by your computer will be encrypted. You can check on this page to see if this is the case. If the DNS over HTTPS feature is working as intended, you will see “Yes” next to the “Using DNS over HTTPS (DoH)” header.

If you are using IPv6, it is recommended that you set up IPv6 DNS in the same way as IPv4 DNS. IPv6 DNS addresses that can be used for DoH setup, as well as preferred and alternate addresses, are listed below.

  • Cloudflare – 2606:4700:4700::1111 & 2606:4700::1001
  • Google Public DNS – 2001:4860:4860::8888 & 2001:4860:4860::8844
  • Quad9 – 2620:fe::fe & 2620:fe::9

That’s it. It’s as simple as enabling or disabling DNS over HTTPS in Windows 11. In case you are wondering, you can use any DNS service that supports DoH.

Hope this helps.

If you get stuck or need help, please comment below.

YouTube video: In Windows 11, how to enable DNS over HTTPS (DoH)


Rate article
We provide high-quality and detailed Windows tutorials