How to enable DNS over HTTPS in Windows 11

This tutorial will show you step by step how to enable DNS over HTTPS in Windows 11.

DNS over HTTPS (DoH) is an internet security protocol that improves privacy and security by encrypting your DNS requests. The benefits of DoH are that encrypting DNS requests helps hide your online activities and ensures that attackers cannot forge or alter DNS traffic.

Choose a free DNS service supported by Windows 11

At this moment, the Windows 11 DNS over HTTPS feature only works with a few DNS services.

You can see the list by running the netsh dns show encryption command in a Windows Terminal window (right-click on the Start menu button > Windows Terminal).

Show list of supported DNS services in Windows 11

The DNS services supported by Windows 11 are Google DNS, Cloudflare DNS, and Quad9 DNS.

Here's the list of supported IPv4 DNS service addresses:

Here's the list of supported IPv6 DNS service addresses:

You'll need to choose two pairs of these DNS servers to enable DNS-over-HTTPS in Windows 11, primary DNS and secondary DNS for IPv4 and IPv6.

Related: IPv4 vs IPv6: What's the difference and which one is better?

Enable DNS over HTTPS in Windows 11

1. Right-click on the Start menu button and click on Settings. You can also press the Windows + I keys on your keyboard to open settings.

Open Windows 11 settings

2. Click on Network & Internet in the left menu.

Open Windows 11 Network and Internet settings

3. Click on WiFi or Ethernet. If your PC is connected to the Internet through WiFi, then you click on WiFi. If your PC is connected to the Internet through an Internet (LAN) cable, then you click on Ethernet.

Open Windows 11 Internet connection settings

4. Click on Hardware properties.

Open Windows 11 internet connection hardware properties

5. Find the DNS server assignment option and click on the Edit button next to it.

Windows 11 DNS server assignment settings

6. Click on the drop-down menu button and select Manual.

Manual DNS settings

7. Click on the Ipv4 button to turn it to On.

8. In the Preferred DNS field, you enter the primary DNS server address of your choice (e.g., 8.8.8.8 or 1.1.1.1).

9. Click on the drop-down menu button below Preferred DNS encryption and select Encrypted only (DNS over HTTPS).

10. In the Alternative DNS field, you enter the secondary DNS server address of your choice (e.g., 8.8.4.4 or 1.0.0.1).

11. Click on the drop-down menu button below Preferred DNS encryption and select Encrypted only (DNS over HTTPS).

IPv4 DNS settings

12. Click on the Ipv6 button to turn it to On.

13. In the Preferred DNS field, you enter the primary DNS server address of your choice (e.g., 2001:4860:4860::8888 or 2606:4700:4700::1111).

14. Click on the drop-down menu button below Preferred DNS encryption and select Encrypted only (DNS over HTTPS).

15. In the Alternative DNS field, you enter the secondary DNS server address of your choice (e.g., 2001:4860:4860::8844 or 2606:4700:4700::1001).

16. Click on the drop-down menu button below Preferred DNS encryption and select Encrypted only (DNS over HTTPS).

IPv6 DNS settings

17. Click on the Save button.

That's it! All of your DNS requests will be private and secure.

Encrypted DNS

18. You can close the settings window now.



Maybe you're also interested in:

How to use Private DNS on an Android phone

How to set up DNS on any Android phone

IPv4 vs IPv6: What's the difference and which one is better?


References:

HowToGeek.com: How to Enable DNS Over HTTPS on Windows 11

Wikipedia.org: DNS over HTTPS

Cloudflare.com: DNS over HTTPS