DNS over HTTPS (DoH) is an Internet protocol that is becoming increasingly popular. Normally, DNS queries and responses travel unencrypted over UDP port 53, so anyone on the path can capture private information about our browsing. DNS over HTTPS adds a layer of security based on HTTPS for greater privacy. In this tutorial we explain how to activate it in Windows 10 and in the main web browsers.
Why it is good to enable DNS over HTTPS (DoH)
The DNS protocol mainly uses UDP port 53 and exchanges its messages (request and response) in clear text, so anyone could capture that information to learn which websites we are visiting. In addition, a very important detail is that Internet providers tend to block websites based on our DNS queries, intercepting all the requests we make. Thanks to the DNS over HTTPS protocol, we can avoid this censorship and improve the security and privacy of our Internet browsing, as long as we choose DoH servers that provide privacy guarantees, such as Cloudflare.
On a public Wi-Fi network it can be very useful to have DoH enabled, that is, if you do not use a VPN service that encrypts all your communications point to point. The advantages we obtain are the following:
- Prevent other users on the same network from seeing which websites we visit.
- Prevent potential phishing attacks.
However, in the case of public Wi-Fi networks, in addition to using DoH, our recommendation is that you also use a VPN so that all traffic is encrypted from your device to the VPN server, to later go to the Internet.
How to configure DNS over HTTPS in Windows 10
It should be noted that although DNS over HTTPS (DoH) has been supported since the preview versions of Windows 10, this feature is not enabled by default. If we want our applications and browsers to use DoH when making DNS queries, we can enable it manually from Settings or by adjusting the Windows registry.
To use it, we must be in the development channel of the Windows Insider program and have the operating system updated to build 19628 or higher. To enable DNS over HTTPS in Windows 10, we have to follow these steps:
- For Ethernet connections (network cable connections), open “Settings”, then “Network and Internet”, and select “Status”. Then click on “Properties” and select “Edit DNS options”.
- For Wi-Fi (wireless) connections, open the network page and click the properties link for the adapter, then select “Edit DNS options.”
Once these operations have been carried out, a screen like this will appear:
Here is a list of DNS servers over HTTPS (DoH) that we can use in Windows 10 systems, depending on whether you use the IPv4 or IPv6 network protocol.
If all goes well, this feature is expected to reach all Windows 10 users later this year or early next year, but currently it is only available in the development version.
Enable DNS over HTTPS in Google Chrome
To use DNS over HTTPS (DoH) in Google Chrome we must have version 83 of this browser or later; earlier versions did not include this protocol. To enable DoH in Google Chrome we go to Settings and open the “Privacy and security” section.
The next step is to click on “Security”. Under the advanced configuration we look for “Use a secure DNS”.
If the menu above for configuring DoH does not appear, because it is an experimental function, we can enable it like this:
- We type chrome://flags/#dns-over-https in the address bar and press Enter.
- We look for “Secure DNS lookups” and click on “Enabled”.
- We restart Chrome and follow the previous steps.
Once this is done, we will be using DNS over HTTPS in Google Chrome to protect our privacy on the Internet.
Enable DNS over HTTPS (DoH) in Microsoft Edge
To use DoH in the Microsoft browser, you need to download and install a build of Microsoft Edge Dev. The next thing we have to do is:
- We head to the Edge settings.
- There we select the section Privacy, search and services.
- Under Security, we look for the “Use secure DNS” option to specify how to find the network address for websites.
- Then we enable it and choose a provider such as Google or Cloudflare, as we did in the previous sections.
Here’s an example of how to do it:
Enable DNS over HTTPS in Mozilla Firefox
The last browser that supports DNS over HTTPS (DoH) is Firefox. To activate it, we follow these steps:
- We open the Firefox configuration.
- In “search” we type DoH and the network configuration section will appear. There we press the button on the right labelled “Configuration”.
On the next screen we look for “Activate DNS over HTTPS”. Here we recommend choosing Cloudflare and clicking on accept to finish. However, you can also enter any DoH server you want by selecting “Custom”.
As you have seen, Windows 10 and most of the main browsers (with Google Chrome and Firefox at the top) currently allow us to configure DoH very easily and quickly. Thanks to this new protocol for protecting the DNS service, we gain privacy, since all the data is encrypted in an HTTPS session, which relies on the secure TLS protocol underneath.