How to use Cloudflare DNS (1.1.1.1) for better privacy

Published by on April 4, 2018 in VPN & Privacy

cloudflare dns

Cloudflare launched a new privacy-focused DNS resolver service this month that anyone can use for free. The company, which also provides a content delivery network, DDoS protection, and other security services for businesses, says the DNS service will speed up web browsing and improve privacy.

DNS, or Domain Name System, is what computers use to turn human-readable domains like “comparitech.com” into IP addresses. An IP address is a unique string of numbers and decimals assigned to every device connected to the internet. When you type in a website address, a request is sent to a DNS server to look up the IP address for the website associated with that domain name. This process is called DNS resolution, and by default it usually takes place on a DNS server owned by your internet service provider.

An ISP can use the information gleaned from DNS traffic to figure out which websites you’ve been visiting, even if you use HTTPS. And now that broadband privacy regulations have been rolled back in the US, Cloudflare is capitalizing on the demand for a more private DNS alternative. By switching your DNS settings to use Cloudflare instead of your default DNS server, your ISP can’t snoop on your web history or share that information with third parties.

In this article, we’ll show you how to set up Cloudflare DNS on Windows, MacOS, iOS, Android, and wifi routers.

How to use Cloudflare DNS (1.1.1.1)

To get started, you’ll need a working internet connection. You can use wifi or ethernet, but note that changing your DNS settings on one will not change them on the other. You’ll need to repeat the process for each network interface (wifi, ethernet) you plan to use.

For any device, Cloudflare’s primary DNS server address is 1.1.1.1, and 1.0.0.1 is used as an alternative for redundancy.

How to set up Cloudflare DNS on Windows

For demonstration purposes, these are the instructions for how to set up Cloudflare DNS on Windows 10, but other versions of Windows should be fairly similar. Note that you must be an administrator on your computer to access some of these settings.

  1. While connected to the internet, right click the Wi-Fi or Ethernet icon in your system tray (the right side of the taskbar) and select Open Network & Internet Settingscloudflare dns 1
  2. Click Wi-Fi, then scroll down to select Change adapter optionscloudflare dns 2
  3. Find the adapter you use—for most of you, this will be Wi-Fi or Wireless Network Connection—and right click, then select Propertiescloudflare dns 3
  4. In the properties window on the default Networking tab, look under This connection uses the following items to find Internet Protocol Version 4 (TCP/IPv4). Click it once to highlight it (do not uncheck it) and click Properties
  5. Select the option for Use the following DNS server addresses and enter the following IP addresses into the two fields:
    • Preferred DNS server: 1.1.1.1
    • Alternate DNS server: 1.0.0.1cloudflare dns 5
  6. Click OK
  7. If you use IPv6, back on the Properties menu, click (don’t uncheck) Internet Protocol Version 6 (TCP/IPv6) and click Propertiescloudflare dns 6
  8. Select the option for Use the following DNS server addresses and enter the following IP addresses into the two fields:
    • Preferred DNS server: 2606:4700:4700::1111
    • Alternate DNS server: 2606:4700:4700::1001cloudflare dns 7
  9. Click OK

Repeat as necessary for any other adapters you use, such as ethernet.

How to set up Cloudflare DNS on Mac

This tutorial uses macOS High Sierra, but the process should be more or less the same on other versions of OSX and macOS.

  1. While connected to the internet, click the Apple menu and select System Preferences
  2. Run a search in this menu for DNS servers and select it from the dropdown resultsmac dns 1
  3. Click the plus (‘+’) button to add a DNS server and type 1.1.1.1mac dns 2
  4. Repeat the previous step, but this time enter 1.0.0.1
  5. Click OK, and then Apply

How to set up Cloudflare DNS on Android

See: How to set up Cloudflare DNS on a wifi router

Android doesn’t play well with custom DNS settings. You’ll need a static IP address to use custom DNS servers, and by default most people don’t use static IPs. Cloudflare instead recommends configuring the DNS server on your wifi router instead of on the device itself.

How to set up Cloudflare DNS on iOS (iPhone, iPad)

These instructions are based on iOS 11, but the process should be similar on other recent versions of iOS.

  1. While connected to the internet, from the home screen, open Settingscloudflare dns ios
  2. Select Wi-Fi, then your wifi network from the listcloudflare dns ios 2
  3. Select Configure DNS, then click Manualcloudflare dns ios 3
  4. Clear any existing entries by tapping the minus (‘-‘) button and Deletecloudflare dns ios 4
  5. Select the Add Server (‘+’) button and enter 1.1.1.1cloudflare dns ios 5
  6. Repeat the previous step, but this time enter 1.0.0.1
  7. Click the Save button on the top right

How to set up Cloudflare DNS on a wifi router

Setting up Cloudflare DNS on a wifi router will affect all the devices connected to it, routing all of their DNS requests to CloudFlare’s servers instead of your ISP’s servers. This can save you the trouble of configuring each individual device in your home, but remember that those devices will revert to their default settings if you connect to a different network.

Writing a tutorial for setting up Cloudflare DNS on a wifi router is problematic because router firmware is not standardized, meaning the process will vary based on your router’s model and manufacturer. With that in mind, we’ll do our best to offer some generic instructions:

  1. While connected to the internet through your router, open a browser and navigate to your router’s dashboard. This is usually done by entering 192.168.0.1 or 192.168.1.1 into the URL bar of your web browser.
  2. Enter your username and password. If you’re not sure, Google the default username and password for your router model, check the labels on the outside of the router, or ask your ISP. Often, the default credentials are something simple like “admin”.
  3. In your router dashboard, find the DNS settings. You may need to look through a few different menus to find it depending on your router’s firmware.expressvpn router cloudflare dns
  4. Replace the current DNS servers with the following:
    • IPv4 preferred: 1.1.1.1
    • IPv4 alternate: 1.0.0.1
    • IPv6 preferred: 2606:4700:4700::1111
    • IPv6 alternate: 2606:4700:4700::1001
  5. Save your changes and restart your browser.

Note: If your router login still uses the default username and password, you should change them for better security.

Cloudflare vs Google DNS

The largest public DNS provider in the world right now is Google. Cloudflare promises to be faster and more private than Google DNS for a number of reasons.

Let’s start with speed. Pretty much anything you do in a web browser starts with a DNS request, so a faster DNS service will noticeably improve page load times. Cloudflare boasts that it tested faster than Google DNS and Cisco OpenDNS according to DNSPerf, an independent monitoring agency.

When it comes to privacy, Cloudflare says it will never log your IP address, which can be used to identify your computer, smartphone, or other device, along with its approximate location. Google does log users’ IP addresses, but only temporarily.

Cloudflare supports DNS over HTTPS and DNS over TLS, which ensure that DNS requests are encrypted and cannot be read by your ISP or any other third party.

Cloudflare logs DNS queries for diagnostic and debugging purposes, but those queries are deleted after 24 hours. This is important for privacy, as DNS queries can be used to cobble together a person’s web browsing history. Similarly, Google logs queries for 24 to 48 hours before destroying them, but keeps non-identifying information for longer.

Cloudflare does share DNS query data with APNIC Labs, which is part of Asia domain registry APNIC. APNIC allows Cloudflare to use the 1.1.1.1 network address in exchange for that data, which it says it will use for research purposes. Those purposes include understanding DNS better and mitigating denial-of-service (DoS) attacks.

Cloudflare DNS vs VPN

Cloudflare DNS is shaping up to be a boon for internet users who are concerned about their privacy. But DNS is only one part of the puzzle. While your ISP won’t be able to see your DNS traffic when using Cloudflare DNS, it can still view the contents of any internet traffic that’s sent over the network unencrypted. That means your ISP can still snoop on any non-HTTPS sites you visit.

Furthermore, using Cloudflare DNS obviously requires that you trust Cloudflare and, in turn, APNIC, to keep your records private and destroy them as promised.

If you want more privacy or don’t fully trust Cloudflare, we recommend using a VPN. Short for Virtual Private Network, a VPN encrypts all of a device’s internet traffic and routes it through an intermediary server in a location of your choosing. The encryption prevents anyone, including your ISP, from snooping on the contents of your traffic. The intermediary server means no one but you and the VPN provider can know where traffic is going to or coming from.

A VPN app’s DNS settings will usually override your system’s settings unless you configure it otherwise. VPN DNS servers are usually located in the same place as the standard VPN servers, which helps to unblock geo-locked content by masking your real location.

The best, most reputable VPN providers keep no logs of your IP address or traffic contents but, again, you must trust the provider to adhere to these claims. What’s more, good VPN services use their own private DNS servers, which are also logless. See our list of the best logless VPNs for more information.

Cloudflare präsentiert DNS-Server 1.1.1.1 mit Fokus auf Privatsphäre” by Marco Verch licensed under CC BY 2.0

By

@pabischoff |@Comparitech

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Guides
Guide to using public wifi safely and securelyJuly 6, 2017 / by Osman Husain
+ More guides
Popular Posts
Netflix proxy error Fix – 11 VPNs that still unblock Netflix in 2018May 16, 2018 / by Paul Bischoff
How to make your own free VPN with Amazon Web ServicesMay 15, 2018 / by Paul Bischoff
6 best VPNs for torrenting: P2P VPNs for 2018April 2, 2018 / by Paul Bischoff
The 20 best free SFTP and FTPS servers for Windows and LinuxJanuary 30, 2018 / by Jon Watson
A beginner’s guide to online censorshipAugust 26, 2017 / by Paul Bischoff
+ More posts
Latest Cloud and Online Backup
Is Dropbox Secure? 9 Ways To Make The File Sharing Service Safer To UseDecember 28, 2017 / by David Gilbert
How long do hard drives last for?August 27, 2017 / by Paul Bischoff
What is disaster recovery and how do you plan for it?January 23, 2017 / by Sam Cook
How to build your own cloud storage server at a fraction of the costOctober 28, 2016 / by Paul Bischoff
4 tools to torrent on a Chromebook, Chrome OS, and Chrome browserAugust 17, 2016 / by Paul Bischoff
+ More posts
Latest Information Security
20 of the most interesting companies to visit at Infosec Europe 2018May 23, 2018 / by Penny Hoelscher
13+ free pentesting toolsMay 15, 2018 / by Penny Hoelscher
Linux 2FA: How to secure SSH logins with Google Authenticator and YubikeyMay 14, 2018 / by Jon Watson
How and where to get a scholarship in cybersecurityMay 9, 2018 / by Sam Cook
What a brute force attack is (with examples) and how you can protect against oneMay 9, 2018 / by Aimee O'Driscoll
+ More posts
Latest VPN & Privacy
Best VPNs for Tinder in 2018 to access it anywhereMay 22, 2018 / by Osman Husain
Best VPNs for Australia in 2018 and which to avoidMay 22, 2018 / by Paul Bischoff
5 Best VPNs for 7plus so you can watch it outside of AustraliaMay 22, 2018 / by Ian Garland
Best VPN for Eurosport in 2018 so you can watch it anywhereMay 22, 2018 / by Aimee O'Driscoll
Best VPN for businesses in 2018 and some to avoidMay 21, 2018 / by Osman Husain
+ More posts
Latest Crypto
How to buy and pay with bitcoin anonymouslyApril 18, 2018 / by Aimee O'Driscoll
What bitcoin is and how to buy it and use itApril 6, 2018 / by Aimee O'Driscoll
Monero vs zcash vs dash: which is the most anonymous cryptocurrency?April 4, 2018 / by Aimee O'Driscoll
20+ Bitcoin scams and how to spot and avoid themMarch 8, 2018 / by Aimee O'Driscoll
What is Bitcoin mining and how can you do it?March 7, 2018 / by Aimee O'Driscoll
+ More posts
Latest Crypto Popular Posts
How to buy and pay with bitcoin anonymouslyApril 18, 2018 / by Aimee O'Driscoll
What is Bitcoin mining and how can you do it?March 7, 2018 / by Aimee O'Driscoll
15 best bitcoin wallets for 2018 (that are safe and easy to use)February 25, 2018 / by Aimee O'Driscoll
+ More posts
Latest Kodi
How to fix “Failed to install a dependency” error In KodiMay 15, 2018 / by Ian Garland
How to install DAZN Kodi addon and what to do if you can’t access DAZNMay 15, 2018 / by Tom Blackstone
Is there a Kodi smart TV app? Can you install Kodi on a smart TV?May 15, 2018 / by Tom Blackstone
114 Best Kodi Addons working as of May 2018May 12, 2018 / by Ian Garland
Kodi not working? How to fix common Kodi problemsMay 12, 2018 / by Ian Garland
+ More posts
Latest Kodi Popular Posts
114 Best Kodi Addons working as of May 2018May 12, 2018 / by Ian Garland
How to stop Kodi Buffering (3 fixes that actually work)May 1, 2018 / by William Elcock
15 great Kodi movie and TV addons that actually work in 2018May 1, 2018 / by Paul Bischoff
How to install a VPN on Amazon Fire Stick/Fire TVApril 17, 2018 / by Paul Bischoff
Best Kodi Repositories, 8 we love and some to be wary ofNovember 13, 2017 / by Ian Garland
+ More posts
Latest Net Admin
15 Best Free Syslog Servers for Linux and WindowsMay 10, 2018 / by Stephen Cooper
10 Best Log Management Tools (including Alternatives to Cronolog & Analog)May 10, 2018 / by Stephen Cooper
SolarWinds NetFlow Traffic Analyzer ReviewMay 10, 2018 / by John Kimball
PowerShell Cheat SheetMay 9, 2018 / by Tim Keary
The Definitive Guide to NmapMay 9, 2018 / by Tim Keary
+ More posts
Latest Net Admin Popular Posts
50 Best Network Monitoring Tools of 2018April 26, 2018 / by Stephen Cooper
The 20 best free SFTP and FTPS servers for Windows and LinuxJanuary 30, 2018 / by Jon Watson
Best free bandwidth monitoring software and tools to analyze network traffic usageDecember 8, 2017 / by John Kimball
10 Best free TFTP servers for Windows, Linux and MacNovember 22, 2017 / by Jon Watson
The best free NetFlow analyzers and collectors for WindowsNovember 22, 2017 / by John Kimball
+ More posts
Latest Plex
Watch your Plex library in Kodi with the Plex Kodi addonDecember 24, 2017 / by Aaron Phillips
How to set up Plex on Chromecast and get the most out of itDecember 7, 2017 / by Aaron Phillips
Plex vs Kodi: Which streaming software is right for you?November 1, 2017 / by Aaron Phillips
Installing and using the Fire TV Plex appOctober 31, 2017 / by Aaron Phillips
The best Plex channels: 25 of our favoriteSeptember 20, 2017 / by Aaron Phillips
+ More posts
Latest Plex Popular Posts
The best Plex channels: 25 of our favoriteSeptember 20, 2017 / by Aaron Phillips
How to get started streaming with Plex media serverSeptember 20, 2017 / by Aaron Phillips
Selectively routing Plex through your VPNSeptember 20, 2017 / by Aaron Phillips
+ More posts
Latest Utilities
Is your Windows startup slow? How to speed it up by finding and disabling startup programsMay 22, 2018 / by Sam Cook
How to speed up a slow laptop or PC (Windows 10, 8 or 7) for freeFebruary 20, 2018 / by Aimee O'Driscoll
+ More posts