This post shows students and new users how to enable DNS over HTTPS or DoH when using Windows 11.
DNS over HTTPS or DoH is a protocol for performing remote domain name system queries over HTTPS. It was created to enhance user privacy and security by preventing eavesdropping.
Enabling DNS over HTTPS (DoH) in Windows 11 enhances user privacy and security by encrypting DNS traffic. The standard DNS protocol without HTTPS allows someone with the correct device to sit in the middle and eavesdrop on your traffic. This is known as a man-in-the-middle attack.
This individual could also manipulate your DNS traffic and take it over, making it seem like you’re communicating with the appropriate resources or websites. Using DoH ensures that your DNS queries are encrypted, which makes it difficult for someone to intercept or manipulate your data.
Switch to DoH in Windows 11
To set Windows 11 up with DoH protocol and IP addresses, click on Start and go to Settings, as shown in the image below.
In the Systems Settings page, locate the sidebar on the left and click “Network & internet.” In the options to the right of the window, select “Ethernet.“
Select the Network device you want to switch to DoH on the Ethernet settings page. You’ll have to configure each profile if your system has more than one Network device, such as Wired and Wi-Fi.
On my machine, I only have a wired network interface.
Select the Network you’re working with and scroll down to DNS server assignment. Click Edit and change the Manual.
When you select Edit, on the next screen, choose Manual. Then, type in the preferred and alternative DNS server IP addresses of your choice for IPv4 and IPv6.
The table below gives you some choices to use.
For IPv4 DNS servers:
| Google Public IPv4 DNS | Preferred DNS | 8.8.8.8 | Alternate DNS | 8.8.4.4 |
| Cloudflare Public IPv4 DNS | Preferred DNS | 1.1.1.1 | Alternate DNS | 1.0.0.1 |
| Quad9 Public IPv4 DNS | Preferred DNS | 9.9.9.9 | Alternate DNS | 149.112.112.112 |
For IPv6 DNS servers:
| Google Public IPv6 DNS | Preferred DNS | 2001:4860:4860::8888 | Alternate DNS | 2001:4860:4860::8844 |
| Cloudflare Public IPv6 DNS | Preferred DNS | 2606:4700:4700::1111 | Alternate DNS | 2606:4700:4700::1001 |
| Quad9 Public IPv6 DNS | Preferred DNS | 2620:fe::fe | Alternate DNS | 2620:fe::fe:9 |
Complete the DNS entries with the IP addresses below for all your networks and save.
Before saving the IP address change, select Encrypted only (DNS over HTTPS), as shown in the image, and save.
Save and exit.
When you’re done, your DNS profile should look similar to the ones in the image below:
That’s it!
Repeat the steps above for your Wi-Fi network interface and others on the list.
Conclusion:
- Enabling DNS over HTTPS (DoH) on Windows 11 significantly improves security by encrypting DNS queries.
- Protects against eavesdropping and man-in-the-middle attacks, ensuring your online privacy.
- Enhanced privacy settings enable you to choose between various reliable DNS server providers.
- Easy to set up with a straightforward configuration process in the Network Settings.
- Remember to apply the same steps to all network profiles for comprehensive protection.
Leave a Reply