Buzz
Microsoft has started integrating and supporting the activation of DNS over HTTPS (DoH), also known as DoH, on Windows 10 Build 19628. DNS over HTTPS (DoH) is designed to enhance the security of web browsing by encrypting DNS requests through the HTTPS protocol. DoH can prevent Man-in-the-Middle (MitM) attacks because DNS requests are currently sent in plain text.
Guide on how to enable DNS over HTTPS on Windows 10
Windows Insiders in the Fast ring installing Windows 10 Build 19628 or higher are invited to test the DNS over HTTPS feature. In the following article, Mytour will guide you on how to activate DNS over HTTPS (DoH) on Windows 10.
Activate DNS over HTTPS (DoH) on Windows 10
Note: Once DNS over HTTPS is available, the feature will be activated by default on Windows 10.
The feature is expected to be released on Windows 10 20H2 or Windows 10 21H1 in April or May 2021. Currently, Windows Insider users installing Windows 10 Build 19628 and higher can activate and experience the feature early.
Follow the steps below to activate DoH on Windows 10:
Step 1: Open Registry Editor window by pressing Windows + R to open the Run window, type regedit and press Enter.
Step 2: Next, in the Registry Editor window, navigate to the following key:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDnscacheParameters
Step 3: Create a new DWORD (32-bit) value named EnableAutoDoh.
Step 4: Set the value in the Value data box to 2.
Additionally, Windows 10 DoH clients have DoH providers in the list below with both IPv4 and IPv6 addresses that you can use as DNS servers for Windows 10 to automatically send DNS requests over HTTPS:
Cloudflare has: 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001
Google has: 8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844
Quad9 provides: 9.9.9.9 149.112.112.112 2620:fe::fe 2620:fe::fe:9
DNS servers configured on Windows 10 must match the IP addresses in the DNS over HTTPS list to enable traffic encryption for DNS access.
You can manually configure Windows 10 to use any IP address as a DNS server via Control Panel if the DHCP service does not provide the IP addresses listed above as DNS servers.
Note: Supported DNS resolvers must be set up on Windows 10. We can set them up on the router and instruct Windows to query the router.
To configure DNS server on Control Panel, follow these steps:
Step 1: Open Control Panel.
Step 2: Go to Network and Internet => Network and Sharing Center => Change adapter settings.
Step 3: Find and right-click on the connection you want to add DNS server to and select Properties.
Step 4: Select Internet Protocol Version 4 (TCP/IPv4) or Protocol Version 6 (TCP/IPv6) then click select Properties.
Step 5: Select Use the following DNS server addresses and add the DNS server address into the boxes below.
Step 6: Click select OK or Apply to close the windows.
Step 7: Restart your computer to apply the changes.
Windows 10 also provides commands to add DNS resolvers that support DNS over HTTPS, including OpenDNS, NextDNS, CleanBrowsing, AdGuard DNS, and even the DNS of the Internet service provider.
To add DNS over HTTPS servers to the auto-promotion list on Windows 10, run the following command under Admin rights:
netsh dns add encryption server=
Note: In the command above, replace
Below is a list of DNS over HTTPS templates based on the URLs of popular DNS servers:
AdGuard: https://dns.adguard.com/dns-query
AdGuard Family protection: https://dns-family.adguard.com/dns-query
OpenDNS: https://doh.opendns.com/dns-query
OpenDNS FamilyShield: https://doh.familyshield.opendns.com/dns-query
CleanBrowsing: https://doh.cleanbrowsing.org/doh/family-filter/
nextdns.io: https://dns.nextdns.io/
This article from Mytour just showed you how to activate DNS over HTTPS (DoH) on Windows 10. Also, if you have any further questions or need clarification on topics like How to activate DNS over HTTPS on web browsers, feel free to leave your comments below the article.
