DNS over HTTPS (DoH) adds a layer of security when requesting to visit any website. The request is unencrypted when not enabled, and anyone can snoop on it and hack your data.

Though browsers like Chrome, Firefox, and Edge already support this protocol, Windows now supports it natively, which means you can use any browser of your choice and still be safe and sound over the Internet.

How Exactly Does DoH Work?

Whenever you try to visit a website, the request is sent to a DNS server that finds the website's IP address and redirects you there. Without DoH, this sending and receiving of requests is unencrypted, allowing anyone to intercept and tamper with it.

For the more tech-savvy ones, DoH is a networking protocol that encrypts DNS queries using the HTTPS protocol. Basically, the protocol ensures user privacy and security and disallows anyone to manipulate DNS traffic, and makes you immune from malicious attacks like man-in-the-middle.

Enable DNS Over HTTPS from Settings App

First, head to the Start Menu and click on the 'Settings' icon to proceed. Alternatively, you can also press Windows+I keys to open the Settings window.

After that, click on the 'Network & internet' tab from the left sidebar to continue.

Next, from the right section, click on the 'Wi-Fi'/'Ethernet' tile, depending on which medium you are using currently.

Then, if you selected the 'Wi-Fi' tile, on the next screen, click on the currently connected network tile to proceed.

Afterward, scroll to locate the 'DNS server assignment' and click 'Edit' to continue. This will open a separate window on your screen.

On the next screen, select 'Manual' from the drop-down menu.

Now, turn on the toggle for 'IPv4' to access the settings. After that, click on the dropdown for 'DNS over HTTPS' and select one of the options. For your better convenience, we have provided a gist for each of them:

  • Off: All data is transmitted without any encryption.
  • On (Automatic Template): All DNS data is sent with encryption. This is the recommended option.
  • On (Manual Template): This enables you to set a specific template for DNS traffic. Use this only if DNS doesn't work automatically or your app requires you to connect to a specific server.

Ensure the toggle for 'Fallback to plaintext' is disabled. When enabled, the system will encrypt the DNS traffic, but all the queries will be sent without encryption.

Now, you will have to specify the DNS server as well. Type or copy+paste one of the below-mentioned addresses in the 'Preferred DNS' and 'Alternate DNS' fields. The below-mentioned DNS servers are reliable and free to use.

  • Cloudflare: 1.1.1.1 or 1.0.0.1
  • Google: 8.8.8.8 or 8.8.4.4
  • Quad9: 9.9.9.9 or 149.112.112.112

If your ISP works on an IPv6 address, turn on the toggle for it. In case you do not have an idea about it, leave as is.

In case you have also enabled the IPv6 option. Below are the DNS servers you can use:

  • Cloudflare: 2606:4700:4700::1111 or 2606:4700:4700::1001
  • Google: 2001:4860:4860::8888 or 2001:4860:4860::8844
  • Quad9: 2620:fe::fe or 2620:fe::fe:9

Once you have configured the properties according to your preferences, click 'Save' to apply the changes.

Check if DNS Over HTTPS is Working

To check if the DoH is set and working properly, head to the Settings app and click on the 'Network & Internet' tab from the left sidebar.

upload in progress, 0

Then, click on 'Wi-Fi'/'Ethernet' depending on which you enabled the DoH settings for.

upload in progress, 0

Now, scroll down to the 'DNS server assignment' field. It should read 'Encrypted' on the tile.

It is crucial that you keep your Internet activity safe from intruders and people with malicious intent, and DoH lets you do that very easily. It is not a utility but a necessity in today's age.