DNS Providers
Without using a secure, privacy-centric DNS all your web requests can be seen in the clear. You should configure your DNS queries to be managed by a service that respects privacy and supports DNS-over-TLS, DNS-over-HTTPS or DNSCrypt.
-
One of the most performant options, Cloudflare's DNS supports DoH and DoT, and has a Tor implementation, providing world-class protection. They have native cross-platform apps, for easy set-up.
-
Open-source DNS provider, specialising in the blocking of ads, trackers and malicious domains. They have been independently audited and do not keep logs.
-
An ad-blocking, privacy-protecting, censorship-bypassing DNS. Also comes with analytics, and the ability to shield kids from adult content.
Objective of this page
Find the best free, open source, E2E encrypted and private alternative to google dns, cloudflare, quad9, opendns, norton connectsafe, now.
Compare CloudFlare vs AdGuard vs NextDNS vs
Discover the best DNS Providers tools for Android, iPhone, Linux, PC and Chrome to download now. And choose secure, self-hosted, peer-to-peer and independant alternatives in 2024
Stop the invasion of privacy from big tech, improve data security stay safe.
Notable Mentions
- Quad9 -
A well-funded, performant DNS with a strong focus on privacy and security and easy set-up, however questions have been raised about the motivation of some of the financial backers.
- BlahDNS -
(Japan, Finland or Germany) is an excellent security-focused DNS
- OpenNIC -
NixNet DNS and UncensoredDNS are open source and democratic, privacy-focused DNS
- Unbound -
A validating, recursive, caching DNS resolver, designed to be fast and lean. Incorporates modern features and based on open standards
- Clean Browsing -
A good option for protecting kids, they offer comprehensive DNS-based Content Filtering
- Mullvad -
Mullvads public DNS with QNAME minimization and basic ad blocking. It has been audited by the security experts at Assured. You can use this privacy-enhancing service even if you don't use Mullvad.
Notes
DNS Protocols
DNS-over-TLS was proposed in RTC-7858 by the IETF, then 2 years later, the DNS-over-HTTPS specification was outlined in RFC8484 in October '18. DNSCrypt, is a protocol that authenticates communications between a DNS client and a DNS resolver. It prevents DNS spoofing, through using cryptographic signatures to verify that responses originate from the chosen DNS resolver, and haven't been tampered with. DNSCrypt is a well battle-tested protocol, that has been in use since 2013, and is still widely used.
Word of Warning
Using an encrypted DNS resolver will not make you anonymous, it just makes it harder for third-partied to discover your domain history. If you are using a VPN, take a DNS leak test, to ensure that some requests are not being exposed.
Submit New Entry
Are we missing anything? You can help us improve this page, by submitting a new entry