How to Enable DNS over HTTPS for All Apps in Windows 11

Enabling Windows 11's system-level DoH will enable DNS over HTTPS for all browsers and Internet-facing apps on your computer.

Microsoft has added a DNS over HTTPS (DoH) feature to enhance security and privacy on Windows 11. With this feature, DNS lookups are encrypted, so Windows 11 users are harder to track through their DNS queries.

When you connect to a website or server on the internet, your computer must query a domain name system (DNS) server for the IP address associated with the hostname.

DoH allows your computer to perform these DNS lookups over an encrypted HTTPS connection instead of through plaintext DNS lookups. This prevents your internet service provider (ISP) and surveillance agencies on the network path from reading your DNS queries in transit; the DoH resolver you choose still sees them.

DoH can even help users access websites that are blocked by monitoring DNS traffic.

Microsoft initially released DoH in Windows 10 build 20185 for Windows Insider Program users for testing purposes, but removed it after a few more builds.

Now, on Windows 11, Microsoft has re-enabled DoH, and users can try it in the Windows 11 Insider Preview version.


How to enable DNS over HTTPS on Windows 11

First, to experience DoH on Windows 11, you must install Windows 11 Insider Preview. To get Windows 11 Insider Preview, you need to join the Windows Insider Program.

Then, enable DoH on Windows 11 by following these steps:

  1. Open Settings by pressing Windows + I, or by clicking Start and then Settings.
  2. Go to Network & Internet settings.
  3. Click WiFi or Ethernet depending on your needs, then select Edit in the DNS server assignment section. With WiFi networks, you can find DNS server assignment in the Hardware properties section.
  4. In the new window, click the drop-down menu below Edit DNS settings and select Manual.
  5. Switch the IPv4 button from Off to On, then enter a DNS server of your choice in the Preferred DNS box (for example 1.1.1.1).
  6. Once you're done, the Preferred DNS encryption box below will be enabled so you can choose the encryption method you want. The options are:
    1. Unencrypted only - Uses standard unencrypted DNS
    2. Encrypted only (DNS over HTTPS) - Uses only DoH servers
    3. Encrypted preferred, unencrypted allowed - Attempts to use DoH servers, but falls back to standard unencrypted DNS if none are available
  7. Choose a DNS security method, then click Save.
  8. Additionally, you can enter a backup DNS in the Alternate DNS encryption section. You can also choose the security method for the backup DNS.

DNS servers that support DoH on Windows 11

At this time, Microsoft says the following DNS servers support DoH and can be automatically used by Windows 11's DNS over HTTPS feature:

  1. Cloudflare: 1.1.1.1 and 1.0.0.1
  2. Google: 8.8.8.8 and 8.8.4.4
  3. Quad9: 9.9.9.9 and 149.112.112.112

How to Check if DNS over HTTPS is Configured on Windows 11

To check whether DNS over HTTPS is configured on your Windows 11 system, you can use the following commands:

With netsh:

netsh dns show encryption

With PowerShell:

Get-DnsClientDohServerAddress

Microsoft also allows administrators to add their own DoH servers to the list of servers Windows knows about, using the following commands:

With netsh:

netsh dns add encryption server=[resolver-IP-address] dohtemplate=[resolver-DoH-template] autoupgrade=yes udpfallback=no

With PowerShell:

Add-DnsClientDohServerAddress -ServerAddress '[resolver-IP-address]' -DohTemplate '[resolver-DoH-template]' -AllowFallbackToUdp $False -AutoUpgrade $True
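
A read-only audit that builds on the check commands above (an added example, not from the original article or from Microsoft): it lists every DNS server assigned to a network interface and reports whether Windows has a DoH template for it and whether fallback to unencrypted DNS is allowed. The function name Get-DohAuditReport is hypothetical, and the report reflects the known-server list, not the per-interface encryption choice made in Settings.

```powershell
# Added example (not from the article). Read-only: changes no settings.
# Get-DohAuditReport is a hypothetical name chosen for this illustration.
function Get-DohAuditReport {
    # Index the DoH server definitions Windows knows about by resolver IP.
    $known = @{}
    foreach ($entry in Get-DnsClientDohServerAddress) {
        $known[$entry.ServerAddress] = $entry
    }

    # Walk every DNS server assigned to an interface (IPv4 and IPv6).
    foreach ($iface in Get-DnsClientServerAddress) {
        foreach ($server in $iface.ServerAddresses) {
            $doh = $known[$server]
            $template = $null
            $autoUpgrade = $null
            if ($null -eq $doh) {
                $status = 'No DoH template registered: Windows cannot use DoH here'
            } else {
                $template = $doh.DohTemplate
                $autoUpgrade = $doh.AutoUpgrade
                if ($template -notmatch '^https://') {
                    $status = 'Registered template is not an https:// URL'
                } elseif ($doh.AllowFallbackToUdp) {
                    $status = 'DoH available, fallback to unencrypted DNS allowed'
                } else {
                    $status = 'DoH available, no unencrypted fallback'
                }
            }
            # One report row per (interface, server) pair.
            [pscustomobject]@{
                Interface   = $iface.InterfaceAlias
                Server      = $server
                DohTemplate = $template
                AutoUpgrade = $autoUpgrade
                Status      = $status
            }
        }
    }
}

Get-DohAuditReport | Sort-Object Interface, Server | Format-List
```

Rows reporting that fallback is allowed correspond to the "Encrypted preferred, unencrypted allowed" behaviour described earlier, where lookups can silently go out as plaintext DNS.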

Manage DoH via Group policies

Microsoft is also adding the ability to manage Windows 11 DNS over HTTPS settings via Group policies. Microsoft has added a policy called "Configure DNS over HTTPS (DoH) name resolution" under Computer Configuration > Administrative Templates > Network > DNS Client.

  1. First, open the Group Policy editor by clicking Start, typing gpedit.msc, and pressing Enter. Note that Group Policy is not supported on Windows 11 Home.
  2. Go to Computer Configuration > Administrative Templates > Network > DNS Client.
  3. Find Configure DNS over HTTPS (DoH) name resolution in the right pane and double-click it.
  4. Here you can enable, disable, or configure DoH.

Good luck!
