DNS over HTTPS (DoH) is a privacy feature that could be enabled in Windows 10 using multiple methods, but it was never offered as an option that any consumer could use. This has changed in Windows 11. Windows Network Settings now allows consumers to switch from unencrypted to fully encrypted DNS. This post will show how you can use the DNS over HTTPS privacy feature in Windows 11.
What is DNS-over-HTTPS?
I am sure most of us now know HTTPS from visiting websites. The same has been implemented for DNS queries. Every time you access a website, the request is sent over a secure, encrypted connection to the DNS or Domain Name Resolution server. This method makes sure no man-in-the-middle attack can tamper with the request and take you to a compromised website.
How to use the DNS over HTTPS (DoH) in Windows 11
- Open Windows Settings (Win + I)
- Click on Network and Internet
- Depending on how your PC or laptop is connected, click on Ethernet or Wireless
- This opens the Ethernet or WiFi settings, with all the control options that allow you to modify the network. Click on the Edit button next to DNS server assignment.
- Once the Edit DNS settings window shows up, switch from Automatic to Manual using the dropdown; this is what allows you to use DoH. Then toggle on IPv4 or IPv6, depending on what you are using on your PC.
- Next, type in the DoH server IP address, and then from the Preferred DNS encryption dropdown, select Encrypted Only. Repeat the same for Alternate DNS. You can even mix and match by using Google DNS as primary and Cloudflare DNS as secondary.
Finally, click on the Save button to complete the changes. After this, any query made from the browser or an application will use DNS over HTTPS.
In the Network Settings, you should see Encrypted next to the IPv4 or IPv6 DNS Servers.
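As an added example that is not part of the original article, the following read-only PowerShell script lists every DNS server assigned to an adapter and shows whether it appears in Windows' list of known DoH servers and whether that entry allows unencrypted fallback. It assumes the DnsClient cmdlets built into Windows 11 and does not read the per-adapter encryption choice made in the Settings app.

```powershell
# Added example (not from the original article). Read-only: no settings are changed.
# Assumes Windows 11 with the built-in DnsClient module.

# Index the DoH servers Windows knows about by IP address.
$known = @{}
foreach ($entry in Get-DnsClientDohServerAddress) {
    $known[$entry.ServerAddress] = $entry
}

# Walk every DNS server assigned to an adapter (IPv4 and IPv6)
# and look it up in the known DoH server list.
$report = foreach ($cfg in Get-DnsClientServerAddress) {
    foreach ($server in $cfg.ServerAddresses) {
        $doh = $known[$server]

        $status = if (-not $doh) {
            'Not in the known DoH server list'
        } elseif ($doh.AllowFallbackToUdp) {
            'Known DoH server; entry allows unencrypted fallback'
        } else {
            'Known DoH server; entry does not allow unencrypted fallback'
        }

        [pscustomobject]@{
            Interface   = $cfg.InterfaceAlias
            DnsServer   = $server
            DohTemplate = if ($doh) { $doh.DohTemplate } else { '' }
            AutoUpgrade = if ($doh) { $doh.AutoUpgrade } else { $false }
            Status      = $status
        }
    }
}

# One row per adapter and DNS server.
$report | Sort-Object Interface, DnsServer | Format-Table -AutoSize -Wrap
```

A server reported as not in the list is worth a second look before you rely on it for encrypted DNS.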
What are the types of DNS Encryption options available in Windows
- Unencrypted—Default unencrypted DNS.
- Encrypted—Use DoH servers only.
- Encrypted preferred, unencrypted allowed—The first preference is DoH, but it will fall back to unencrypted DNS if DoH is unavailable.
List of DNS Over HTTPS services that work on Windows
There are tons of DoH services available, and while most of them will work, it is recommended to use the popular ones such as Cloudflare (126.96.36.199 and 188.8.131.52), Google (184.108.40.206 and 220.127.116.11), and Quad9 (18.104.22.168 and 22.214.171.124) DNS servers.
How to enable DoH via Group Policy
If you love to use Group Policy for everything, or if you are an IT admin who needs to manage computers via Group Policy, then DNS over HTTPS can be controlled using Group Policies. This works on all Windows versions, including Home, but on Windows Home you need to enable the Group Policy Editor first.
- Press Win + R to open the Run prompt
- Type gpedit.msc and press the Enter key.
- In the GP Editor, navigate to the following path: Computer Configuration > Administrative Templates > Network > DNS Client
- Click on the policy—Configure DNS over HTTPS (DoH) name resolution—and choose to enable it from the dropdown.
- Next, locate the policy—DNS servers—and set the IP address.
- Apply the changes, and you are good to go.
How to enable DoH using Registry Method
You can follow the same method which we used in Windows 10, but you don’t need it, as DoH is available through the settings. It involves the creation of a DWORD—EnableAutoDoh—in the registry.
Should you use DNS over HTTPS?
Yes. It is important that neither your ISP, nor any software, nor anybody else can spoof what you are querying from the computer to DNS. It makes sure you are not directed to a website that can steal your data.
Can ISP see DNS over HTTPS?
No, they cannot, because you are not using their DNS. While they may monitor the website, ISPs cannot in any way compromise this.
Is DNS over HTTPS faster?
It can be. DNS means Domain Name Resolver, and the faster it is, the faster you connect to the website and resource. Cloudflare and Google are known to be the fastest DNS providers, and they will improve your experience.
How do I know if my DNS is working over HTTPS?
Cloudflare offers a webpage that can check this setting. When you visit the page, click on Check my browser, and it will reveal any missing security measures. If you do not want to use
It is interesting to note that DNS over HTTPS was once enabled in Windows 10 in one of the Insider builds but was taken away. It wouldn’t be surprising if they chose to enable it again in the future. It goes without saying that you should ditch your local ISP’s DNS IP address and choose Google or Cloudflare DNS, which offer the DNS over HTTPS privacy feature in Windows 11 or any other OS.
TIP: It is also possible to enable DNS over HTTPS in Firefox, Chrome, Edge, Opera, etc.