HostuxDNS

Windows 11 has built-in support for DNS over HTTPS since version 21H2 (October 2021). Unlike browser-level configuration, this applies system-wide: all applications on the machine use the encrypted resolver, not just the browser.

Setup takes about two minutes. No third-party software is required.

1. Press Win + I to open Settings, or search for Settings in the Start menu.
2. In the left panel, go to Network & Internet.
3. Click on your active interface: Wi-Fi or Ethernet.
4. Find DNS server assignment and click Edit.
5. Switch from Automatic (DHCP) to Manual.
6. Enable IPv4 and fill in:
   • Preferred DNS: 46.226.108.173
   • Preferred DNS encryption: Encrypted only (DNS over HTTPS)
   • DNS over HTTPS template: https://dns.hostux.net/dns-query
7. Optionally, add the alternate server:
   • Alternate DNS: 46.226.109.82
   • Alternate DNS encryption: Encrypted only (DNS over HTTPS)
   • DNS over HTTPS template: https://dns.hostux.net/dns-query
8. Click Save. The change takes effect immediately.

Microsoft documentation on Secure DNS in Windows

To block ads and trackers at the DNS level, use the filtering endpoint instead:

• DNS over HTTPS template: https://dns.hostux.net/ads

The IP addresses remain the same (46.226.108.173 / 46.226.109.82). Only the DoH template changes.

Windows 10

Windows 10 does not support DoH through the Settings UI. You would need a registry edit or a third-party client (such as dnscrypt-proxy). Upgrading to Windows 11 is the simpler option.

System-wide vs browser-level

This configuration covers all applications: browsers, games, system services, and background processes. If you only want to encrypt DNS for a specific browser, configure DoH in the browser settings instead.

Encryption mode

Encrypted only ensures Windows never falls back to unencrypted DNS. If the resolver is unreachable, DNS resolution fails rather than silently sending queries in plaintext.