Skip to main content
DNS Blocks
Search

Encrypted DNS Setup Guide

Complete guide to setting up encrypted DNS (DoH/DoT) on all major platforms to bypass ISP filtering and protect your DNS queries.

📖 15 min read 🔧 Technical Updated: Jan 2025

What is Encrypted DNS?

Encrypted DNS (DNS over HTTPS/DoH and DNS over TLS/DoT) protects your DNS queries from being monitored, modified, or blocked by your internet service provider. This is especially important in countries with internet censorship or surveillance.

Recommended DNS Providers

Cloudflare (1.1.1.1)

Fast, privacy-focused, supports both DoH and DoT

1.1.1.1

Quad9 (9.9.9.9)

Blocks malware domains, good security

9.9.9.9

Google (8.8.8.8)

Reliable, widely supported

8.8.8.8

OpenDNS (208.67.222.222)

Good filtering options, parental controls

208.67.222.222

Windows Setup

Method 1: Windows Settings (DoH)

  1. Open SettingsNetwork & InternetEthernet or Wi-Fi
  2. Click on your connection name
  3. Scroll down to DNS server assignment
  4. Select Manual and toggle IPv4 on
  5. Enter 1.1.1.1 as preferred DNS
  6. Select Encrypted only (DNS over HTTPS)
  7. Click Save

Method 2: Command Line (DoT)

netsh dns add encryption server=1.1.1.1 dohtemplate=https://cloudflare-dns.com/dns-query

macOS Setup

System Preferences Method

  1. Open System PreferencesNetwork
  2. Select your connection and click Advanced
  3. Go to DNS tab
  4. Click + and add 1.1.1.1
  5. Click OK and Apply

Terminal Method (DoH)

sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder

Linux Setup

systemd-resolved (Ubuntu/Debian)

sudo nano /etc/systemd/resolved.conf
# Add: DNS=1.1.1.1#cloudflare-dns.com
sudo systemctl restart systemd-resolved

NetworkManager (Most Distros)

nmcli connection modify "Your Connection" ipv4.dns "1.1.1.1"
nmcli connection up "Your Connection"

Mobile Setup

Android

  1. Open SettingsConnectionsWi-Fi
  2. Long-press your network → Modify network
  3. Advanced options → IP settings: Static
  4. Set DNS 1: 1.1.1.1
  5. Set DNS 2: 1.0.0.1
  6. Save and reconnect

iOS

  1. Open SettingsWi-Fi
  2. Tap the i next to your network
  3. Configure DNS → Manual
  4. Add server: 1.1.1.1
  5. Add server: 1.0.0.1
  6. Save

Router Setup

For network-wide protection, configure your router:

  1. Access router admin panel (usually 192.168.1.1)
  2. Find DNS Settings or WAN Settings
  3. Set Primary DNS: 1.1.1.1
  4. Set Secondary DNS: 1.0.0.1
  5. Save and restart router

Testing Your Setup

Verify your DNS is working correctly:

  1. Visit 1.1.1.1/help
  2. Check that "Using DNS over HTTPS (DoH)" shows "Yes"
  3. Test with our DNS tools

Troubleshooting

Common Issues

  • Slow loading: Try a different DNS provider
  • Not working: Check if your ISP blocks encrypted DNS
  • Mobile issues: Some carriers block DoH/DoT

Alternative Methods

If encrypted DNS is blocked, try:

  • Using a VPN with custom DNS
  • Tor Browser for maximum anonymity
  • Different DNS providers or ports

⚠️ Important Security Note

While encrypted DNS protects your queries from your ISP, it doesn't hide which websites you visit. For complete privacy, consider using a VPN or Tor Browser in addition to encrypted DNS.