Sunday, April 30, 2023

Enable DNS over HTTPS in Windows 11, also known as DoH

 


You can enable DNS over HTTPS in Windows 11 using four methods reviewed in this post. Microsoft updated the Settings app, so it is now easy to configure this feature with just a few clicks.

 

 

DNS-over-HTTPS (DoH) is a modern security protocol for the Internet. The idea behind it is to protect users' privacy and security by encrypting the DNS data transferred between the client and the server. Because DoH uses HTTPS, this excludes man-in-the-middle attacks. It requires a server that supports DoH to resolve the encrypted DNS queries coming from users.

This post will show you various methods of how to enable DoH in Windows 11.

 

 

How to Enable DNS over HTTPS in Windows 11 (DoH)

  1. Open the Settings app by pressing the Win + I keys.
  2. Open the Network & internet page.
  3. Click on the Properties button on the right.
  4. On the next page, click the Edit button under DNS server assignment.
  5. Select Manual from the drop-down list at the top of the page.
  6. Specify the DNS server addresses that support DoH using the reference table below.
  7. Select Encrypted only (DNS over HTTPS) in the Preferred DNS encryption and Alternate DNS encryption drop-down menus.
  8. If your connection supports IPv6, repeat the previous steps for its configuration.
  9. Finally, click on the Save button.

You are done. To check if the DoH feature actually works on your device, scroll down the contents of the Network & internet > Properties page. You should see "Encrypted" next to the DNS address value.

 


 

You can use the following public DNS over HTTPS servers.

The list of public DNS servers that support DoH


 

 

The alternative method is to enable DoH in the Registry. Use it if for some reason the above method fails, or the Settings app doesn't work in your session.

Turn on DNS over HTTPS in the Registry

  1. Press Win + R, type regedit in the Run box, and hit Enter.
  2. In Registry Editor, navigate to the following path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters.
  3. On the right, modify or create a new 32-bit DWORD value named EnableAutoDoh.
  4. Set its value to 2.
  5. Restart Windows 11.

 

This will activate DNS over HTTPS, so Windows will start sending and receiving DNS traffic through secure, encrypted servers. However, you need to specify the proper DNS server address. Again, use one of the servers listed in the table mentioned above.
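A read-only PowerShell check for the registry method above, added here as an example and not part of the original post: it reads EnableAutoDoh and reports, for each DNS server configured on the machine, whether Windows has a DoH template on record for that address. It assumes the DnsClient module cmdlets Get-DnsClientServerAddress and Get-DnsClientDohServerAddress are available, as they are on Windows 11; the function name Test-DohConfiguration is hypothetical.

```powershell
# Added example: audit the DoH settings described in this post. Changes nothing.
# Test-DohConfiguration is a hypothetical name, not a built-in cmdlet.
function Test-DohConfiguration {
    $path = 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters'

    # EnableAutoDoh does not exist until someone creates it, so a miss must not throw.
    $auto = (Get-ItemProperty -Path $path -Name EnableAutoDoh -ErrorAction SilentlyContinue).EnableAutoDoh
    if ($null -eq $auto) {
        Write-Warning 'EnableAutoDoh is not set.'
    } elseif ($auto -ne 2) {
        Write-Warning "EnableAutoDoh is $auto; this post sets it to 2."
    }

    # Servers for which Windows holds a DoH template, keyed by IP address.
    $known = @{}
    foreach ($entry in Get-DnsClientDohServerAddress) {
        $known[$entry.ServerAddress] = $entry
    }

    # Every DNS server configured on any interface, IPv4 and IPv6.
    foreach ($nic in Get-DnsClientServerAddress) {
        foreach ($ip in $nic.ServerAddresses) {
            $doh = $known[$ip]
            [pscustomobject]@{
                Interface      = $nic.InterfaceAlias
                Server         = $ip
                EnableAutoDoh  = $auto
                HasDohTemplate = [bool]$doh
                DohTemplate    = if ($doh) { $doh.DohTemplate } else { $null }
                FallbackToUdp  = if ($doh) { $doh.AllowFallbackToUdp } else { $null }
            }
        }
    }
}

Test-DohConfiguration | Format-Table -AutoSize
```

A row with HasDohTemplate set to False means Windows has no DoH endpoint on record for that server address.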

Here is how you can change a DNS server address in Windows 11 without using the Settings app.

 


 


21thsoft 
