Why is it important to secure DNS traffic?
DNS traffic is very similar to HTTP and HTTPS. Encryption is always preferable to no encryption.
When an application tries to access a web resource, the system creates a DNS request to resolve the domain name to an IP address. Typically, this request is sent via a DNS server configured on the local network. One of the security risks is that requests are sent over an unencrypted UDP channel. In practice, this means that other devices can not only see your requests, but interact with them and even give bogus responses. Another issue is relying on the DNS resolver on the local network. For example, if you are connected to a public Wi-Fi network, your Internet activity may be monitored or blocked.
How does DNS encryption improve the situation? Using secure protocols keeps your DNS queries and DNS responses secure.
If you do not trust the network you are connected to, you can send queries to a trusted DNS server.
How to set up AdGuard DNS on iOS 14
Profile setting
The first step is to create a DNS profile with DNS over HTTPS (DoH) support in iOS 14. Let’s look at the setup using the example of the profiles available for all AdGuard DNS and Comss.one DNS configurations. You can customize all profiles and switch between them as needed.
Simply open one of the following pages in Safari on your iOS mobile device:
AdGuard DNS
- AdGuard DNS profile – block ads, tracking, malicious sites and phishing.
- AdGuard DNS Profile Family Protection – Performs the same protection functions as the AdGuard DNS profile and also includes blocking adult sites, safe searches on search engines and YouTube Kids mode.
- Unfiltered AdGuard DNS profile – no content filtering or blocking. Suitable if you need a fast DNS server with no activity logs.
Comss.one DNS
- Comss.one DNS profile – blocks ads, tracking, malware and phishing sites (host servers).
- Comss.one profile DNS Vostok – Block ads, tracking, malicious and phishing sites servers for Siberia and Far East.
How to set up DNS over HTTPS (DoH) on iOS 14
After installing the profile, go to Settings . The profile will be a loaded tab.
How to test DNS over HTTPS (DoH) on iOS 14
your DNS profiles Settings | VPN and Network | You can manage from DNS . You can switch between existing profiles.
To test AdGuard DNS, go to the AdGuard test page and make sure AdGuard DNS is detected.
You can check the Comss.one DNS operation using the DNS Leak Test service (click the Extended test button). Make sure all DNS servers found are for Comss.one DNS.
If you are using AdGuard VPN or Adguard for iOS apps, the DNS server configured in them will be used first.
How is DNS over HTTPS (DoH) different from AdGuard?
Compared to AdGuard application, AdGuard DNS and Comss.one DNS have few disadvantages. This way, you can’t see exactly what requests are made by the apps installed on the device. Also, you won’t be able to use DNS filtering and manually adjust which servers are blocked and which are allowed.
Anyway, DNS provides an easy way with support for DNS over HTTPS (DoH). to start using secure DNS protocols. Another advantage of this method is native support on iOS. The next version of Adguard for iOS will add the ability to configure DNS servers using the operating system mechanism.