In the past I’ve written about good VPN services to use, and now it’s time to talk about DNS. Short for Domain Name System, DNS is commonly referred to as the “phone book” of the internet. It helps connect web browsers with web servers by translating addresses like 188.8.131.52 into www.macobserver.com. Here are four private DNS services that I recommend. They are also all encrypted DNS.
There are several different ways to use a DNS server. One is to manually go into network settings on each and configure the Wi-Fi. The second way is to download an app, and the third way is to go into your router settings and configure it there. You can typically access your router settings by typing 192.168.1.1 in a web browser.
You can manually change your DNS server on iOS by going to Settings > Wi-Fi. Tap on the blue “i” icon next to your Wi-Fi network, then scroll down and tap Configure DNS. On macOS you’ll find this by going to System Preferences > Network > Advanced > DNS.
Your ISP will automatically set you up with its own DNS servers. But many, if not all, ISPs collect your browsing history and sell it to advertisers. This is why we want to use private DNS services.
Using a DNS app is helpful on iPhones and iPads because if you connect to multiple Wi-Fi networks, you’ll have to configure all of them. Plus, you can’t configure DNS on a cellular connection. But DNS apps set up a fake VPN profile, which means you’ll have that DNS no matter which network you connect to.
To manually configure them, use the addresses for the primary and secondary servers. Type the primary server first and the secondary server second. Unless your network supports IPv6, you can stick with the IPv4 servers. Make sure that both the primary and secondary servers are both the same protocol.
Cloudflare released its public DNS a couple of years ago. The company says its WARP technology makes it faster than other DNS services. Cloudflare also says it doesn’t keep logs or share your data with advertisers.
- Primary Server: 184.108.40.206
- Secondary Server: 220.127.116.11
AdGuard has a DNS service in addition to an adblocker. The DNS service can automatically filter out ads, malicious websites, tracking, and phishing. It also has separate servers for family protection that blocks adult content. It supports DNSCrypt, DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) protocols.
- Primary Server: 18.104.22.168
- Secondary Server: 22.214.171.124
- Primary Server: 126.96.36.199
- Secondary Server: 188.8.131.52
Like AdGuard, DNSWarden offers servers for adblocking and adult content filtering, as well as uncensored servers that block nothing. It supports Dns-over-TLS , Dns-over-HTTPS and DNSCrypt with DNSSEC enabled and no logging.
- Primary Server: 184.108.40.206
- Primary Server: 220.127.116.11
- Primary Server: 18.104.22.168
This is the service that I currently use, and I really like it. It’s similar to Pi-hole except it’s web-based. There are a wide variety of block lists to choose from, like blocking known NSA / GCHQ / CIA / FBI servers. AdGuard’s block list is also available here, as well as other popular lists like EasyList. You can add multiple lists at once.
I noticed that it seems to offer different DNS servers for each person, or maybe a handful that they rotate, but you can get servers without having to make an account.
I mentioned that DNS apps on iOS and iPadOS set up a fake VPN profile. It’s fake because it doesn’t route your traffic through other servers, it’s just 127.0.0.1. But if you use an actual VPN app, make sure the protocol it uses is IKEv2 (if it gives you a choice). This way, you can use both the VPN app and the DNS app at the same time.