How to enable DNS over HTTPS (DoH) in Windows 11?

Network and Internet Settings in Windows 11 allows to enable encrypted only with DoH. This article will show you how to enable DNS over HTTPS feature in Windows 11.

How to enable DNS over HTTPS (DoH) in Windows 11?

Content Summary

Method 1: Network and Internet Settings
Method 2: Configure DNS over HTTPS(DoH) name resolution Group Policy

Method 1: Network and Internet Settings

Step 1: Press Windows + i key on the keyboard to open the Settings app. Alternatively, you can click the Start menu and select the Settings gear icon located at the top of the menu by default.

Press Windows + i key on the keyboard to open the Settings app. Alternatively, you can click the Start menu and select the Settings gear icon located at the top of the menu by default.

Step 2: Click on the Network & internet option.

Step 3: Click on the Ethernet or Wireless, depend on how you connect to Internet.

Click on the Network & internet option > Ethernet or Wireless, depend on how you connect to Internet.

Step 4: Click on the Edit button beside the DNS server assignment.

Click on the Edit button beside the DNS server assignment.

Step 5: Set the DNS settings to Manual option.

Set the DNS settings to Manual option.

Step 6: Toggle on IPv4 or IPv6.

Step 7: Enter the DoH server IP address in Preferred DNS. List of recommended DNS servers provided DoH services:

  • Google IPv4:
    • 8.8.8.8
    • 8.8.4.4
  • Google IPv6:
    • 2001:4860:4860::8888
    • 2001:4860:4860::8844
  • Cloudflare IPv4:
    • 1.1.1.1
    • 1.0.0.1
  • Cloudflare IPv6:
    • 2606:4700:4700::1111
    • 2606:4700:4700::1001
  • Quad9 IPv4:
    • 9.9.9.9
    • 149.112.112.112
  • Quad9 IPv6:
    • 2620:fe::fe
    • 2620:fe::fe:9

Step 8: Select Encrypted only (DNS over HTTPS) for Preferred DNS encryption. The types of DNS Encryption options available in Windows 11 as below:

  • Unencrypted only: Default unencrypted DNS.
  • Encrypted only (DNS over HTTPS): Use DoH servers only.
  • Encrypted preferred, unencrypted allowed: The first preference is DoH, but it will use the unencrypted DNS if it’s unavailable.

Select Encrypted only (DNS over HTTPS) for Preferred DNS encryption.

Step 9: Repeat the same for steps for Alternate DNS and Alternative DNS encryption.

Step 10: Click on the Save button to save the changes.

Method 2: Configure DNS over HTTPS(DoH) name resolution Group Policy

Step 1: Press Windows + R key to open the Run box.

Step 2: Type gpedit.msc and press Enter to open the Local Group Policy Editor.

Type gpedit.msc and press Enter to open the Local Group Policy Editor.

Step 3: Navigate to the following path:
Computer Configuration > Administrative Templates > Network > DNS Client

Step 4: Double-click on the Configure DNS over HTTPS(DoH) name resolution policy.

Double-click on the Configure DNS over HTTPS(DoH) name resolution policy.

Step 5: Click on the radio button for Enabled.

Step 6: Select Allow DoH for Configure DoH options.

Click on the radio button for Enabled and select Allow DoH for Configure DoH options.

Step 7: Click on the Apply then OK button.