Setup Guide

Configure your devices for secure, private browsing in minutes.

Chrome & Firefox

Google Chrome

  1. Go to Settings > Privacy and security > Security.
  2. Scroll down to the "Advanced" section.
  3. Enable "Use Secure DNS".
  4. Select "With" and choose "Custom".
  5. Enter our DoH address: https://dnsdoh.art/dns-query

Mozilla Firefox

  1. Go to Settings > Privacy & Security.
  2. Scroll down to "DNS over HTTPS" section.
  3. Select "Max Protection" or "Increased Protection".
  4. Choose "Custom" provider.
  5. Enter our DoH address: https://dnsdoh.art/dns-query

Android (9+)

Android supports "Private DNS" (DNS over TLS) natively since version 9.

  1. Open Settings on your device.
  2. Navigate to Network & internet (or Connections).
  3. Tap on Private DNS.
  4. Select "Private DNS provider hostname".
  5. Enter our DoT hostname: dnsdoh.art
  6. Click Save.

Windows 11

Windows 11 supports DNS over HTTPS natively.

  1. Open Settings > Network & internet.
  2. Select your connection properties (Wi-Fi or Ethernet).
  3. Click "Edit" next to "DNS server assignment".
  4. Select "Manual" and toggle IPv4 on.
  5. Enter our IP: 194.180.189.33
  6. Set "Preferred DNS encryption" to "Encrypted only (DNS over HTTPS)".
  7. For "DNS over HTTPS template", enter: https://dnsdoh.art/dns-query
  8. Click Save.

iOS & macOS

Using Configuration Profile

The easiest way to set up Secure DNS on Apple devices is by installing a signed configuration profile.

Download MobileConfig

Tap "Allow" if prompted to download a configuration profile.

Manual Setup (macOS 13+)

Similar to iOS, macOS requires a profile for system-wide DoH/DoT. However, you can configure individual browsers like Safari or Chrome separately.

Router Setup

Setting up DNS on your router protects all devices on your network automatically. We offer instructions for both standard legacy DNS (unencrypted) and advanced Secure DNS (encrypted).

Basic

Legacy DNS (IPv4)

Use this if your router does not support encrypted DNS. Note: Queries will not be encrypted.

  1. Log in to your router's admin panel (usually 192.168.1.1 or 192.168.0.1).
  2. Find DNS Settings (often under WAN or Internet setup).
  3. Set Primary DNS to: 194.180.189.33
  4. Save changes and restart your router.
Advanced

Secure DNS (DoH/DoT)

OpenWrt (via HTTPS DNS Proxy)

Requires https-dns-proxy package installed.

# /etc/config/https-dns-proxy

config main 'config'
  option update_dnsmasq_config '1'

config https-dns-proxy
  option bootstrap_dns '1.1.1.1'
  option resolver_url 'https://dnsdoh.art/dns-query'
  option listen_addr '127.0.0.1'
  option listen_port '5053'

MikroTik (RouterOS v6.47+)

  1. Go to IP > DNS.
  2. Set Servers to 194.180.189.33.
  3. Check "Verify DoH Certificate" (Recommended).
  4. In DoH Server field, enter:
https://dnsdoh.art/dns-query

Asuswrt-Merlin / Keenetic

Go to WAN > Internet Connection. Enable DNS over TLS (DoT).

IP Address 194.180.189.33
TLS Hostname dnsdoh.art
Port 853