Credit: Gavin Phillips / MakeUseOf
The internet is full of TLAs. Oh, sorry, that’s “three-letter acronyms,” and as you’ll know, there are more than you could care to remember. But there is one that I think you should be paying attention to, for a couple of reasons.
DNS over HTTPS (DoH) is designed to boost your privacy and security online and is a feature that almost all operating systems and browsers now support out of the box. Sounds great, right? Not everyone is thrilled about it, and more than a few people are ignoring it completely. So, what exactly is DNS over HTTPS?
What the Heck Is DNS Over HTTPS?
Wait, what is DNS?
Credit: Gavin Phillips / MakeUseOf
Before I can really get into DNS over HTTPS, I need to talk about DNS itself.
The Domain Name System (DNS) …
Credit: Gavin Phillips / MakeUseOf
The internet is full of TLAs. Oh, sorry, that’s “three-letter acronyms,” and as you’ll know, there are more than you could care to remember. But there is one that I think you should be paying attention to, for a couple of reasons.
DNS over HTTPS (DoH) is designed to boost your privacy and security online and is a feature that almost all operating systems and browsers now support out of the box. Sounds great, right? Not everyone is thrilled about it, and more than a few people are ignoring it completely. So, what exactly is DNS over HTTPS?
What the Heck Is DNS Over HTTPS?
Wait, what is DNS?
Credit: Gavin Phillips / MakeUseOf
Before I can really get into DNS over HTTPS, I need to talk about DNS itself.
The Domain Name System (DNS) is often referred to as “the internet’s phone book.” It’s a useful analogy, but it doesn’t tell the whole story of how vital DNS is to how the internet functions.
Basically, when you type a website name like makeuseof.com into your browser, your computer doesn’t actually understand that text. It asks a DNS server to translate the domain into a numerical IP address to help route your request to the correct server holding the information.
Traditionally, those DNS lookups are sent in plaintext. That means anyone monitoring your connection — your ISP, a network admin, even someone on the same Wi-Fi — can see which websites you’re requesting, even if the rest of your traffic is encrypted with HTTPS.
But there is a way to change that and protect your DNS requests from prying eyes: DNS over HTTPS.
Instead of broadcasting your Domain Name System requests in plaintext, DNS over HTTPS encrypts your requests so that they’re unreadable by outside sources. DoH uses the same encryption standards as those that protect your web traffic, as part of the HTTPS standard that secures most of the web.
The vast majority of modern browsers support DoH, and in some cases, it’s turned on automatically. Furthermore, if you use a third-party DNS provider, there is a good chance it comes with DNS over HTTPS by default. Changing your DNS settings is a handy way to boost your privacy, and you may also notice a slight speed increase.
If DNS over HTTPS is so good, why isn’t everyone using it?
I’d use it if I were you
Now, that’s a good question. Something everyone lacks is online privacy, so surely everyone should jump at the chance to use DNS over HTTPS? In fairness, I think most people switch DoH on once they learn what it is, but that’s where the problem lies: no one really knows what it is and why it’s there.
It isn’t a case of ignoring DNS over HTTPS; it’s just that many folks don’t know it exists to begin with. By extension, many folks also don’t realize that sending DNS requests in plaintext is a problem; it doesn’t affect how they use the internet, so why make the change?
| Why People Love It | Why People Hate It |
|---|---|
| **Privacy protection. **Encrypting DNS queries hides which websites you visit from your ISP, your workplace, and anyone snooping on public Wi-Fi. | **Centralization. **Many browsers use a handful of big providers (Cloudflare, Google), concentrating power in a few hands. |
| **Security improvements. **Prevents DNS hijacking and manipulation, reducing the risk of fake redirects and phishing sites. | **Breaks filters and parental controls. **DoH bypasses local DNS resolvers, so school, home, or corporate filters often stop working. |
| **Automatic setup. **Most browsers now handle DoH automatically. You don’t need to tweak network settings or install anything extra. | **Troubleshooting headaches. **Network admins can’t inspect encrypted DNS traffic, making diagnosing problems or blocking malicious domains harder. |
| **Censorship resistance. **Encrypted DNS makes it more difficult for ISPs or governments to block websites at the DNS level. | Performance and reliability issues. Encryption adds a small delay, and relying on a single resolver can create points of failure. |
| **User control. **Power users can choose privacy-focused resolvers or even run their own encrypted DNS server. | Trust trade-off. Instead of trusting your ISP, you’re trusting another third-party DNS provider who still sees your queries. |
When I first enabled DoH in Chrome, the difference wasn’t visible — websites didn’t suddenly load faster or look different. But under the hood, my ISP could no longer see which domains I was visiting. It’s a small but worthwhile privacy boost that anyone can make.
Switch on DNS over HTTPS in your browser to claw back some privacy
It’s really simple to enable in your browser
Changing your browser settings to use DoH by default is a straightforward process, but it goes by different names. For example, it’s known as secure DNS in Chrome and Edge, while Firefox calls it DNS over HTTPS.
I’m not going to give you a step-by-step breakdown of how to find the DNS over HTTPS settings in every browser. However, I tried to find the DoH settings in the most popular browsers, including Chrome, Edge, Firefox, Opera, and Vivaldi (Safari doesn’t support DoH at the browser level, but it is available in macOS), and the following steps worked each time:
- Open your browser and head to the Settings menu.
- Input DNS in the search bar.
- Scroll through and find the highlighted DNS sections, then toggle either secure DNS or DNS over HTTPS.
Your browser will now protect any DNS requests.
You can also enable DNS over HTTPS in your operating system
This protects your whole system, not just your browser
If you want to go one step further than protecting DNS requests in your browser, you can also enable DoH for your entire operating system. The process for this varies between operating systems, but the option is available in Windows, macOS, most Linux distros, and Chrome OS.
Start by choosing a secure DNS provider that offers DNS over HTTPS; I’d suggest going for Quad 9 and using Cloudflare for backup.
| Provider | IPv4 DNS Addresses | IPv6 DNS Addresses |
|---|---|---|
| Cloudflare | + 1.1.1.1 + 1.0.0.1 | + 2606:4700:4700::1111 + 2606:4700:4700::1001 |
| Quad9 | + 9.9.9.9 + 149.112.112.112 | + 2620:fe::fe + 2620:fe::9 |
Then, you’ll need to head into the internet connection settings in your operating system.
How to change your Windows 11 DNS settings
- Press **Win + X **to open the Power User Menu and select Network Connections.
- Select Advanced network settings. Then, select the network adapter you’re using, be that Wi-Fi or Ethernet.
- From the dropdown, alongside More adapter options, select Edit.
- Highlight Internet Protocol Version 4 (TCP/IPv4) and click Properties. Then, navigate to the Use the following DNS server addresses option. Now, enter one of the IP addresses from the section above, depending on which DNS provider you want to use. Once entered, click OK to save these settings.
- You’ll be returned to the Properties menu. From here, select Internet Protocol Version 6 (TCP/IPv6) and click Properties. Repeat the process for IPv6 DNS servers. Click OK to save your IPv6 DNS settings.
Once you’re done, close the settings window. You can start browsing the web once again.
How to change your macOS DNS settings
To change your DNS on macOS:
- Open System Preferences.
- Click Network > Advanced.
- Navigate to the DNS tab.
- Unlike on Windows, you can add and remove DNS servers using the + and - buttons on the window’s bottom left. Once you’ve clicked the + icon, you can enter the IP address of your desired provider.
Like Windows, once you confirm the settings, your new DNS provider will be in use.
How to change your DNS settings on Linux
Given the numerous Linux distributions, the method for changing DNS varies. Furthermore, you can change your DNS settings on Linux via the user interface or through the command line, adding extra options. Considering this, I won’t delve into how to change DNS settings on each Linux distribution; that would be a mammoth undertaking. However, you can check out how to change your Linux DNS settings in GNOME, KDE, and using the terminal, as well as how to change your DNS settings on Ubuntu.
Don’t mess around; enable DNS over HTTPS today
Given the benefits of DoH and the lack of real downsides, it’s worth switching on DNS over HTTPS immediately. Yes, there are some considerations. You’re moving trust from your ISP to a different third-party, which, for some, is just passing the buck.
However, when you consider the overall benefits of DNS over HTTPS, it’s a simple choice to make.