FritzBox Secure DNS DoT

Activate DNS over TLS FritzBox

FritzBox Secure DNS

I assume that a lot of people are using a Fritz! Box from AVM.

If you are interested in securing your DNS requests, proceed as follows.

When Secure DNS (DoT) is activated, DNS queries are encrypted via TLS. DoT protects against unintentional reading of DNS requests. The whole thing under the aspect of protecting privacy.

Communication takes place via TLS port 853.

This feature is only available from the Version 7.2 unterstützt.

Navigate to the access data> DNS server and via the Fritz! Box console
enable DNS over TLS (DoT)

Activate DNS over TLS FritzBox

The 3 options are activated by default and we are not making any changes to them. In the lower field (box) we insert e.g. the DNS servers from Cloudflare, as shown. There is its own syntax here, IP addresses are not entered as usual.

DoT DNS server list

Cloudflare Secure DNS

The Fritz! Box will now send every DNS request encrypted via TLS.

Secure DNS DoT encrypted

After completing the configuration, we will do another check. To do this, we open the Cloudflare website.

https://www.cloudflare.com/ssl/encrypted-sni/

Cloudflare Security Browser Check

Ultimately, DoT is just another step in protecting privacy. This technology only encrypts the route from the home router to the provider's resolver. The resolver now resolves the requested domain name into an IP, but in plain text. This means that the resolver's communication with the DNS root servers and authoritative servers is again unencrypted. This component for safeguarding or protecting privacy is important and should be used if possible.

Here is a list of other providers that support DoT. Please pay attention to the correct spelling. The best thing to do is to copy & paste.

Clean Browsing:

adult-filter-dns.cleanbrowsing.org
family-filter-dns.cleanbrowsing.org
security-filter-dns.cleanbrowsing.org

Digital courage:

dns2.digitalcourage.de

Google:

dns.google

Quad9:

dns.quad9.net

FritzBox SecureDNS

Public DNS server