Enable DNS over HTTPS in Windows 11, also known as DoH

Internet Network Regional Language Globe Icon 256 5

You can enable DNS over HTTPS in Windows 11 using four methods reviewed in this post. Microsoft updated the Settings app, so it is now easy to configure this feature with just a few clicks.

DNS-over-HTTPS (DoH) is a modern security protocol for the Internet. The idea behind it is to protect the users' privacy and security by encrypting DNS data transferred between the client and server devices. This excludes man-in-the-middle attacks, since DoH is using HTTPS. This requires a DoH supported server to resolve encrypted DNS queries coming from users.

This post will show you various methods of how to enable DoH in Windows 11.

How to Enable DNS over HTTPS in Windows 11 (DoH)

  1. Open the Settings app by pressing the Win + I keys.
  2. Open the Network & internet page.
  3. Click on the Properties button on the right.
  4. On the next page, click the Edit button under DNS server assignment.
  5. Select Manual from the drop-down list at the top of the page.
  6. Specify the DNS server addresses that support DoH using the reference table below.
  7. Select Encrypted only (DNS over HTTPS) from the in the Preferred DNS encryption and Alternate DNS encryption drop-down menus.
  8. If your connection supports IPv6, repeat the previous steps for the its configuration.
  9. Finally, click on the Save button.

You are done. To check if the DoH feature actually works on your device, scroll down the contents of the Network & internet > Properties page. You should see "Encrypted" next to the DNS address value.

You can use the following public DNS over HTTPS servers.

The list of public DNS servers that support DoH

Server Owner IPv4 addresses IPv6 addresses
Cloudflare 1.1.1.1

1.0.0.1

2606:4700:4700::1111

2606:4700:4700::1001

Google 8.8.8.8

8.8.4.4

2001:4860:4860::8888

2001:4860:4860::8844

Quad9 9.9.9.9

149.112.112.112

2620:fe::fe

2620:fe::fe:9

The alternative method is to enable DoH in the Registry. Use it if for some reason the above method fails, or the Settings app doesn't work in your session.

Turn on DNS over HTTPS in the Registry

  1. Press Win + R and type regedit in the Run box and hit Enter.
  2. In Registry Editor, navigate to the following path. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters.
  3. On the right, modify or create a new 32-Bit DWORD value EnableAutoDoh.
  4. Set its value to 2.
  5. Restart Windows 11.

This will activate DNS over HTTPS, so Windows will start sending and receiving DNS traffic through secure, encrypted servers. However, you need to specify the proper DNS server address. Again, use one servers listed in above mentioned table.

Here is how you can change a DNS server address in Windows 11 without using the Settings app.

Change Server Address after enabling DoH

  1. Press Win + R and type control in the Run box, then hit Enter. This will open the classic Control Panel app.
  2. Go to Control Panel\Network and Internet\Network and Sharing Center.
  3. On the right, click on Change adapter properties.
  4. This will open the Network Connections dialog. Double-click your network connection.
  5. Click Properties in the next window.
  6. In Adapter Properties, select the Internet Protocol Version 4 (TCP/IPv4) entry, and click on the Properties button.
  7. Select the option "Use the following DNS server addresses:" on the General tab. Enter the DNS server address that supports DoH.
  8. If your network configuration includes IPv6, specify the IPv6 servers for the Internet Protocol Version 6 (TCP/IPv6) option.
  9. Click OK to apply the change.

You are done.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

3 thoughts on “Enable DNS over HTTPS in Windows 11, also known as DoH”

  1. does this only apply to connections with cable lines?
    I have checked for a wireless connection, there is no DoH setting

      1. And yet… it does only apply to wired connections. Checked and confirmed – the options DO NOT appear under the wifi connections.

Leave a Reply

Your email address will not be published.

Exit mobile version
Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.