Set Up DNS over HTTPS in Windows 11/10 for Private, Encrypted Browsing
Difficulty: Beginner | Time Required: 10 minutesWhen you browse the web, your device constantly looks up website names like
windowsforum.com and translates them into IP addresses using DNS, or Domain Name System. By default, traditional DNS requests can sometimes be visible to your network provider or anyone monitoring the network. That is where DNS over HTTPS (DoH) helps.DNS over HTTPS encrypts your DNS lookups, making it harder for others to see which websites your PC is trying to reach. It adds an extra layer of privacy and can also help protect against some forms of DNS tampering.
In this guide, you will learn how to enable DNS over HTTPS in both Windows 11 and Windows 10, using built-in settings where available.
Prerequisites
Before you begin, make sure you have the following:- A PC running Windows 11 or Windows 10
- Administrator access may be helpful for changing network settings
- A DNS provider that supports DNS over HTTPS, such as:
- Cloudflare:
1.1.1.1and1.0.0.1 - Google DNS:
8.8.8.8and8.8.4.4 - Quad9:
9.9.9.9and149.112.112.112
- Cloudflare:
Note: DNS over HTTPS support is built into modern versions of Windows 11 and newer builds of Windows 10, but the settings experience is much better in Windows 11. Some older Windows 10 versions may not show the same options in Settings.
What DNS over HTTPS Does
DNS over HTTPS does not make you fully anonymous, and it does not replace a VPN. What it does is encrypt DNS queries between your PC and your DNS provider.This means:
- Your DNS requests are harder to snoop on
- Public Wi-Fi networks have a harder time monitoring your lookups
- DNS manipulation by untrusted networks is less likely
Important: If your browser is already using Secure DNS, enabling DoH in Windows helps extend that protection to more apps system-wide, not just your browser.
How to Set Up DNS over HTTPS in Windows 11
Windows 11 offers the easiest way to enable DoH through the Settings app.1. Open Settings
Press Windows + I to open Settings.2. Go to Network Settings
Click:Network & internet
Then select your current connection type:
- Wi-Fi if you are using wireless
- Ethernet if you are using a wired connection
3. Open Hardware Properties
Click Hardware properties or Properties for the active network.4. Edit DNS Server Assignment
Find DNS server assignment and click Edit.A small settings window will appear.
5. Change DNS to Manual
In the drop-down menu, change from Automatic (DHCP) to Manual.Turn on:
- IPv4
- Optionally IPv6 if your network uses it
6. Enter a Secure DNS Provider
For IPv4, enter one of the following examples:Cloudflare
- Preferred DNS:
1.1.1.1 - Alternate DNS:
1.0.0.1
Google
- Preferred DNS:
8.8.8.8 - Alternate DNS:
8.8.4.4
Quad9
- Preferred DNS:
9.9.9.9 - Alternate DNS:
149.112.112.112
7. Enable Encryption
Next to each DNS entry, look for the DNS over HTTPS option.Choose:
- On (automatic template) if available
- Or On (manual template) if Windows asks for it
8. Save the Changes
Click Save.Windows should now start using encrypted DNS for that connection.
9. Verify It Is Working
You can confirm your settings by returning to the same page and checking whether your DNS servers show as encrypted.You can also open a browser and visit a DNS test site such as Cloudflare’s security check or another secure DNS test page.
Tip: If a website stops loading after the change, double-check that you entered the DNS server addresses correctly.
How to Set Up DNS over HTTPS in Windows 10
Windows 10 support depends on version and build. On newer builds, DoH may be configurable, but the interface is usually less polished than Windows 11.Option 1: Use Windows Settings or Network Properties
1. Open Settings
Press Windows + I, then go to:Network & Internet
2. Open Adapter Options
Depending on your version, go to:- Status
- Change adapter options
- Control Panel
- Network and Sharing Center
- Change adapter settings
3. Open Your Network Adapter Properties
Right-click your active network adapter:- Wi-Fi
- Ethernet
4. Edit Internet Protocol Version 4
Double-click Internet Protocol Version 4 (TCP/IPv4).5. Set Custom DNS Servers
Select Use the following DNS server addresses.Enter one of these:
- Cloudflare:
1.1.1.1and1.0.0.1 - Google:
8.8.8.8and8.8.4.4 - Quad9:
9.9.9.9and149.112.112.112
Warning: Simply changing the DNS server in older Windows 10 builds does not always mean DNS over HTTPS is enabled. It may only switch to a different DNS provider without encryption.
Option 2: Enable DoH on Supported Windows 10 Builds
If your Windows 10 version supports DoH, you may be able to use encrypted DNS with supported servers, but Microsoft rolled this out gradually.To check your version:
- Press Windows + R
- Type
winver - Press Enter
Because Windows 10 support varies, many users rely on:
- A browser’s built-in Secure DNS setting
- A router that supports encrypted DNS
- Upgrading to Windows 11 for easier system-wide DoH management
Optional: Set Up IPv6 DNS over HTTPS
If your internet connection supports IPv6, you can also enter IPv6 DNS addresses.Examples:
Cloudflare IPv6
- Preferred:
2606:4700:4700::1111 - Alternate:
2606:4700:4700::1001
Google IPv6
- Preferred:
2001:4860:4860::8888 - Alternate:
2001:4860:4860::8844
Quad9 IPv6
- Preferred:
2620:fe::fe - Alternate:
2620:fe::9
Tips and Troubleshooting
1. If the DoH option does not appear
This usually means one of the following:- Your version of Windows does not support it in Settings
- Your DNS provider is not recognized automatically
- Your network adapter is being managed by your organization
- You are using an older Windows 10 build
2. If internet access stops working
Try these checks:- Re-enter the DNS addresses carefully
- Restart your PC
- Disable and re-enable the network adapter
- Switch to another trusted DNS provider
3. If you are on a work or school PC
Some organizations enforce DNS settings through Group Policy, VPN software, or security tools. If your settings keep changing back, this may be intentional.Note: On managed PCs, changing DNS settings may violate your organization’s IT policy.
4. Browser Secure DNS vs Windows DoH
Modern browsers like Edge, Chrome, and Firefox may have their own secure DNS settings. These can work alongside Windows DoH, but they may also override system behavior for browser traffic.5. Public Wi-Fi benefit
DNS over HTTPS is especially useful on hotel, airport, and café Wi-Fi, where network visibility and tampering are more likely.Should You Use Cloudflare, Google, or Quad9?
All three are popular, but they differ slightly:- Cloudflare is known for speed and privacy focus
- Google DNS is widely available and reliable
- Quad9 emphasizes security and blocking known malicious domains
Conclusion
Setting up DNS over HTTPS in Windows 11 or Windows 10 is a simple way to improve your privacy by encrypting DNS lookups. In Windows 11, the process is straightforward through the Settings app. In Windows 10, support depends more heavily on your version, and some systems may only allow partial setup without full encryption.Even though DoH is not a replacement for a VPN or full online anonymity, it is still a smart privacy upgrade for everyday browsing, especially on public or untrusted networks.
Key Takeaways:
- DNS over HTTPS encrypts your DNS requests for better privacy
- Windows 11 offers the easiest built-in setup experience
- Windows 10 support varies by version and build
- Trusted providers include Cloudflare, Google, and Quad9
- DoH helps protect browsing lookups on public and home networks
This tutorial was generated to help WindowsForum.com users get the most out of their Windows experience.
