How to Turn on DNS Over HTTPS in Windows 11

DNS over HTTPS (DoH) is a cutting-edge feature that encrypts your computer’s DNS queries, safeguarding your online activities, whether you’re surfing the web or engaged in other online tasks. In this tutorial, we will show you how to turn on DNS over HTTPS from a Windows 11 PC.

First, What is DNS over HTTPS?

dns over https

When you surf the web and type in a familiar domain name like "google.com," a behind-the-scenes magic trick unfolds. Your computer, like a diligent messenger, dispatches a request to a Domain Name System (DNS) server. This server holds the keys to the digital kingdom, seeking out the matching IP address for the domain name you entered from its vast directory. Once found, it promptly dispatches this secret code – the IP address – back to your computer, which joyfully uses it to connect you to the desired website.

In the past, this domain name retrieval dance occurred in plain sight, like an open book. Any rogue element lurking along the network path could seize these domain names, casting a shadow of doubt over your online privacy. That’s where DNS over HTTPS, fondly known as DoH, steps onto the stage, brandishing the banner of encryption.

With DoH, the conversation between your computer and a DoH-enabled DNS server becomes an enigmatic affair, hidden away from prying eyes. No eavesdroppers can intercept your DNS requests and peek at the addresses you’re gallivanting off to. Nor can they tamper with the responses from a DNS server, ensuring your online adventures remain secure and uninterrupted. It’s like a cloak of invisibility for your digital journeys, ensuring your online footprints stay private and your web experience stays smooth.

The Benefits of Using DNS over HTTPS on Windows 11

One of the primary benefits of DoH is the heightened level of privacy it offers. Traditional DNS requests are sent in plain text, making it relatively easy for ISPs, hackers, or other third parties to intercept and monitor your browsing habits. With DoH, your DNS queries are encrypted, preventing prying eyes from snooping on the websites you visit and the services you use.

In fact, DoH adds a layer of security by shielding your DNS requests from potential tampering. It helps guard against DNS spoofing attacks where malicious actors redirect your requests to fraudulent websites. With DoH, the integrity of your DNS data is preserved.

What is more, DoH can potentially lead to faster DNS resolution times. Some DoH providers have a global network of servers, reducing the latency in DNS lookups. Additionally, DoH can help mitigate issues like DNS hijacking or DNS-related outages, ensuring a more reliable internet connection.

Lastly, advertisers and data brokers often use DNS requests to track your online behavior. DoH can make it harder for these entities to collect data on your browsing habits, contributing to a more private online experience.

Best Free DNS Service with DoH Support

As of November 2023, Windows 11 introduces a noteworthy feature: DNS over HTTPS (DoH). However, it comes with a twist. DoH in Windows 11 operates with a predefined roster of trusted DNS services, cemented into its code. To unveil this cryptic list, simply fire up a Terminal window and enter the command "netsh dns show encryption." Here’s the lineup of the supported IPv4 DNS service addresses:

  • Google DNS Primary: 8.8.8.8
  • Cloudflare DNS Primary: 1.1.1.1
  • Quad9 DNS Primary: 9.9.9.9

For IPv6:

  • Google DNS Primary: 2001:4860:4860::8888
  • Cloudflare DNS Primary: 2606:4700:4700::1111
  • Quad9 DNS Primary: 2620:fe::fe

These trusted DNS services have been carefully chosen to ensure a secure and reliable browsing experience for Windows 11 users, offering enhanced privacy and protection while surfing the digital realm. This curated selection of DNS servers ensures that your DNS requests remain encrypted and shielded from prying eyes, adding an extra layer of security to your online activities.

How to Turn on DNS over HTTPS in Windows 11

To start the journey, you should turn on DNS over HTTPS (DoH) service on your Windows 11 PC.

Step1 : Open the Settings app from Windows 11 desktop and move to the "Network & Internet" option nestled in the sidebar.

windows network settings

Step 2: In the Network & Internet settings, you’ll encounter the names of primary internet connections, like "Wi-Fi" or "Ethernet." Choose the one that’s your digital chariot for browsing the online world.

Step 3: With your chosen network connection’s properties page now before you, let’s delve deeper. Seek out the "Hardware Properties" option and give it a click, like discovering a hidden treasure map.

windows hardware properties

Step 4: Under the hardware properties page, your quest shall lead you to the hallowed "DNS Server Assignment" option. It’s time to unveil its secrets. Click the "Edit" button right beside it, and you’re one step closer to securing your DNS connections with the magic of HTTPS.

windows dns assentment

Step 5: In the window that emerges like a hidden chamber, find the drop-down menu and gracefully select "Manual" DNS settings. Then, like flicking a switch, toggle the "IPv4" switch to the "On" position.

Step 6: In the IPv4 section, enter the primary DNS server address you’ve thoughtfully chosen from the section above. Place this sacred code in the "Preferred DNS" box, for example, "8.8.8.8." Likewise, bestow the secondary DNS server address in the "Alternate DNS" box, such as "8.8.4.4."

windows 11 encrypted dns over https

Note: If you don’t happen to witness the DNS encryption options at this point, it’s likely that you’re fiddling with the DNS settings for your Wi-Fi SSID. Correct this by ensuring you’ve selected the appropriate connection type in Settings > Network & Internet, followed by clicking "Hardware Properties" as your first step.

Step 7: From the Preferred DNS encryption menu, take a moment to activate "DNS Over HTTPs" by switching it to the "On" position.

Step 8: Now, let’s extend this cloak of protection to IPv6. Flip the IPv6 switch to the "On" position. Copy a primary IPv6 address from the section above, and with precision, paste it into the "Preferred DNS" box. Then, mirror this act with a matching secondary IPv6 address, placing it in the "Alternate DNS" box. Be vigilant in ensuring that DNS Over HTTPs is enabled, and then, with a sense of accomplishment, click "Save."

Step 9: Return to the Wi-Fi or Ethernet hardware properties page, and you’ll witness your DNS servers listed with a reassuring "(Encrypted)" beside each one of them, like sentinels guarding your online privacy.

dns over https windows 11 enabled

Your mission is nearly complete. Close the Settings app, and you’re ready to venture forth. Henceforth, all of your DNS requests will be shrouded in privacy and security, allowing you to browse the digital landscape with confidence and peace of mind. Happy browsing!

What Is to Do If Enabling DNS over HTTPS Failed?

While the path to DNS over HTTPS (DoH) enlightenment is paved with security and privacy, occasional bumps along the way can’t be ruled out. If you happen to encounter network problems after making these transformative changes, here’s a compass to guide you through the mist:

The first rule of thumb is to ensure you’ve entered the IP addresses with impeccable precision. A simple typo can render your DNS servers unreachable, so inspect your entries closely. Verify that the primary and secondary DNS server addresses are accurate, matching the values you intended to set.

IPv6 can sometimes be a tricky companion. If your network woes persist despite accurate IP addresses, consider disabling the "IPv6" switch in the DNS servers list. It’s possible that configuring IPv6 DNS servers on a computer lacking IPv6 connectivity could be the culprit behind your connectivity issues.

By following these troubleshooting steps, you’ll be better equipped to navigate any network turbulence that may arise on your journey towards a safer and more secure online experience with DNS over HTTPS. Remember, perseverance and vigilance are your allies in this quest for online privacy and protection.

FAQs about DNS over HTPPS on Windows 11

Which DNS providers support DoH on Windows 11? Windows 11 comes with a predefined list of DNS providers that support DoH. You can choose from this list when configuring DoH settings. Some common providers include Google DNS, Cloudflare, and OpenDNS.

Does enabling DoH impact my internet speed? In most cases, enabling DoH should not significantly impact your internet speed. In fact, it may improve DNS resolution times due to the efficient infrastructure of some DoH providers. However, performance can vary depending on your chosen DNS provider and network conditions.

Can I use DoH with any web browser on Windows 11? Yes, DoH operates at the system level, so it can be used with any web browser or application that relies on DNS queries. It encrypts DNS requests for all internet-bound traffic, regardless of the browser you use.

Is DoH the same as VPN for online privacy? No, DoH and VPN (Virtual Private Network) serve different purposes. DoH focuses on encrypting DNS queries, while a VPN encrypts all your internet traffic, routing it through a secure server. While both enhance privacy, VPNs offer a broader scope of protection, including concealing your IP address and encrypting data traffic. DoH primarily secures DNS-related communications.

Final Words

DNS over HTTPS (DoH) on Windows 11 represents a significant advancement in online privacy and security.  It provides numerous benefits, including enhanced privacy, protection against DNS spoofing, improved speed and reliability, and reduced tracking by advertisers. Windows 11 offers a user-friendly interface for enabling DoH, making it accessible to a wide range of users.

As DoH becomes more widely adopted, it serves as a crucial tool in ensuring a safer and more private online experience in an era where digital privacy is of paramount importance. By answering common questions and demystifying DoH, users can make informed decisions about implementing this technology, ultimately fortifying their online presence and enjoying a more secure and private browsing experience on Windows 11.