What's new

Cloudflare DNS over TLS malware settings

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Brucecooper

New Around Here
I would like to know if I should leave cloudflare DNS at 1.1.1.1 and 1.0.0.1 for malware protection and just change the DNS-over-TLS hostname to security.cloudflare-dns.com? Or should I change both addresses to 1.1.1.2 and 1.0.0.2 for both my DNS server 1 and 2 and to them as well in the DNS server list when I change the TLS hostname? I'm asking because this is how they say to do it on their help page... Thank you
 

Attachments

  • Screenshot_20220228-111229.png
    Screenshot_20220228-111229.png
    88.1 KB · Views: 306
It doesn't matter much, if you set DoT profile to Strict. DNS1 and DNS2 will be used for router's own queries, DoT for your network queries.
 
Change both. Yes, it matters...

Use 1.1.1.2 and 1.0.0.2 with security.cloudflare-dns.com

1.1.1.3 and 1.0.0.3 uses family.cloudflare-dns.com

Also set the DNS Server 1 and 2 IP address

If you test DoT function to Cloudflare Help (https://cloudflare-dns.com/help/) disable DNSSEC or you will get an error.

Or use Quad9 1 and 2. The IP addresses for these are 9.9.9.9 and 149.112.112.112
 
Last edited:
Don't forget to update IPV6 as well...
Ah, good point. Maybe I will get IPV6 when my ISP is sold this summer. Then again, maybe not...
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top