- To enable DoH on Windows 11, open Settings> Network & internet> Wi-Fi and manually configure the âDNS server assignmentâ setting.
- To check DoH configuration, open Settings> Network & internet> Wi-Fi, and check the âIPv4 DNS serversâ address, which should include an Encrypted label.
On Windows 11, you can enable DNS over HTTPS (DoH) for a more secure and private online browsing experience, and in this guide, I will teach you how to complete this configuration.
What is DNS over HTTPS?
DNS over HTTPS is a networking protocol designed to encrypt Domain Name System (DNS) queries using the Hypertext Transfer Protocol Secure (HTTPS) protocol. The main purpose of DoH is to protect these queries and increase user privacy and security by stopping malicious individuals from viewing and manipulating DNS traffic originating from your computer to prevent man-in-the-middle attacks.
Web browsers like Google Chrome and Mozilla Firefox already support this additional layer of security, but Windows 11 now natively supports DoH, which you can configure in the Settings app.
This guide will teach you the steps to enable DNS over HTTPS on Windows 11, which will make your online experience a little more private.
Enable DNS over HTTPS (DoH) on Windows 11
To configure DNS over HTTPS (DoH) on Windows 11, use these steps:
-
Open Start on Windows 11.
-
Search for Settings and click the top result to open the app.
-
Click on Network & internet.
-
Click the Ethernet or Wi-Fi tab (depending on the active connection).
Quick note: If you have a wireless connection, you need to click on the connection properties setting to access the settings.
-
Click the Edit button in the âDNS server assignmentâ setting.
-
Select the Manual option from the drop-down menu.
-
Turn on the IPv4 toggle switch.
-
Under the âPreferred DNSâ and âAlternate DNSâ sections, specify the primary and secondary DoH IP address from one of the supported services:
- Cloudflare:
- 1.1.1.1Â
- 1.0.0.1Â
- Google:
- 8.8.8.8
- 8.8.4.4Â
- Quad9:
- 9.9.9.9
- 149.112.112.112
-
Use the âDNS over HTTPSâ drop-down menu and select the On (automatic template)Â option, but you can also choose other encryption preferences, including:
- Off: Transmits all DNS traffic without encryption.
- On (automatic template): Sends all DNS traffic with encryption (recommended).
- On (manual template): This option allows you to specify a specific template. It is only required if the DNS service doesnât work automatically or has a template that works as expected.
-
Turn off the âFallback to plaintextâ toggle switch.
Quick tip: If you enable this feature, the system will encrypt DNS traffic, but it allows queries to be sent without encryption.
-
(Optional) Turn on the IPv6 toggle switch.
-
Under the âPreferred DNSâ and âAlternate DNSâ sections, specify the primary and secondary DoH IP address from one of the supported services:
- Cloudflare:
- 2606:4700:4700::1111
- 2606:4700:4700::1001
- Google:
- 2001:4860:4860::8888
- 2001:4860:4860::8844
- Quad9:
- 2620:fe::fe
- 2620:fe::fe:9
-
Select the On (automatic template)Â option in the âPreferred DNS encryptionâ setting.
-
Turn off the âFallback to plaintextâ toggle switch unless you want to allow traffic to be sent unencrypted when encryption isnât available.
-
Click the Save button.
Once you complete the steps, Windows 11 will encrypt DNS traffic over the HTTPS protocol.
Check DNS over HTTPS status
To check if DoH is working on Windows 11, use these steps:
-
Open Start.
-
Search for Settings and click the top result to open the app.
-
Click on Network & Internet.
-
Click the Ethernet or Wi-Fi tab.
-
The âIPv4 DNS serversâ address should include an Encrypted label under the âDNS server assignmentâ section.
After you complete the steps, you will know whether the DNS over HTTPS has been configured correctly on Windows 11.
Update May 7, 2024: This guide has been updated to ensure accuracy and reflect changes to the process.
Source: Pureinfotech