Use Encrypted DNS Whenever Possible

DNS can leak, so make sure no DNS requests bypass your VPN or P2P connection.

Cover image  Use Encrypted DNS Whenever Possible

Even with a secure network, DNS leaks can still occur. It’s worth verifying that no requests are being split-tunneled.

To keep my DNS traffic safe, I use DNSCrypt, which encrypts DNS requests and protects against threats like DNS spoofing and man-in-the-middle attacks. I use public, no-log DNS servers for more privacy. DNSCrypt doesn’t stop leaks. It just secures the traffic. To make my privacy stronger, I use dnscrypt-proxy2 to send DNS requests through Tor.

Hint: Firefox uses DNS-over-HTTPS (DoH) by default, routing requests through Cloudflare DNS. It’s a good idea to switch to an alternative provider or disable DoH for better control over your DNS privacy.