๐ŸŽ‰ New: Visit our Open Project page to see current metrics.

PureDNS BETA

A better Internet with privacy-respecting and fast DNS resolver. Use our DNS-over-HTTPS/TLS features to encrypt name resolution.

Try It Now Support Us

Available on all devices and networks.

Using DNS-over-TLS

We provide DNS-over-TLS support on standard port 853. To start using PureDNS with DNS-over-TLS, you can use the following address.

puredns.org

Learn how to configure DNS-over-TLS on your device with the setup guide below.

Using DNS-over-HTTPS

DNS-over-HTTPS support is available on standard port 443. Our DoH servers support HTTP/2 and HTTP/3 for fast lookup results and to avoid blocking from ISPs.

https://puredns.org/dns-query

Using DNSCrypt

PureDNS can be used with DNSCrypt as a client by using DNS Stamps. Use the following DNS stamp in your DNSCrypt configuration.

sdns://AgcAAAAAAAAAAAALcHVyZWRucy5vcmcKL2Rucy1xdWVyeQ

You can verify the DNS stamp above using this tool provided by the official DNSCrypt team.

Using Plain DNS

While we don't recommend using unencrypted DNS (standard port 53) for private internet, there are some of us who want this support as part of their implementation; like using PureDNS on Routers. Use the IP addresses below to start using PureDNS.

For IPv4:

108.137.44.39
108.137.44.9

For IPv6:

2406:da19:66f:e810:2f1b:9ce8:a5f1:132f
2406:da19:66f:e810:92ad:7e02:fa25:38b9

Private DNS

Requires Android 9 or higher
  1. Go to Settings โ†’ Network & internet โ†’ Advanced โ†’ Private DNS.
  2. Select the Private DNS provider hostname option.
  3. Enter puredns.org and click Save.

Intra

Get Intra app on the Google Play

  1. Install Intra app from the Play Store.
  2. Go to Settings โ†’ DNS over HTTPS Server โ†’ Custom server URL.
  3. Enter https://puredns.org/dns-query and click Accept.

iOS and iPadOS

Requires iOS/iPadOS 14 or higher.
  1. Download our Apple Configuration Profile to enable Encrypted DNS feature.
  2. You can download configuration for DoH and/or DoT.
  3. Go to Settings โ†’ General โ†’ VPN & Device Mangement
  4. Tap the Downloaded Profile.
  5. Tap Install in the upper-right corner, then follow the onscreen instructions.

DNSCloak

Get DNSCloak app on the App Store

  1. Install DNSCloak app from the App Store.
  2. Search puredns using search bar.
  3. Tap puredns-doh and puredns-doh-ipv6.
  4. Tap Use this server.

Knot Resolver

  1. Install Knot Resolver.
  2. Use the following in /etc/knot-resolver/kresd.conf:
policy.add(policy.all(policy.TLS_FORWARD({
  {'108.137.44.39', hostname='puredns.org'},
  {'108.137.44.9', hostname='puredns.org'},
  {'2406:da19:66f:e810:2f1b:9ce8:a5f1:132f', hostname='puredns.org'},
  {'2406:da19:66f:e810:92ad:7e02:fa25:38b9', hostname='puredns.org'}
})))

Stubby

  1. Install Stubby.
  2. Use the following in stubby.yml:
round_robin_upstreams: 1
  upstream_recursive_servers:
  - address_data: 108.137.44.39
  tls_auth_name: "puredns.org"
  - address_data: 108.137.44.9
  tls_auth_name: "puredns.org"
  - address_data: 2406:da19:66f:e810:2f1b:9ce8:a5f1:132f
  tls_auth_name: "puredns.org"
  - address_data: 2406:da19:66f:e810:92ad:7e02:fa25:38b9
  tls_auth_name: "puredns.org"

Unbound

  1. Install Unbound.
  2. Use the following in unbound.conf:
forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 108.137.44.39#puredns.org
  forward-addr: 108.137.44.9#puredns.org
  forward-addr: 2406:da19:66f:e810:2f1b:9ce8:a5f1:132f#puredns.org
  forward-addr: 2406:da19:66f:e810:92ad:7e02:fa25:38b9#puredns.org

DNSCrypt

  1. Install DNSCrypt.
  2. Use the following in dnscrypt-proxy.toml:
server_names = ['PureDNS']

[static]
  [static.'PureDNS']
  stamp = 'sdns://AgcAAAAAAAAAAAALcHVyZWRucy5vcmcKL2Rucy1xdWVyeQ'

cloudflared

  1. Install cloudflared.
  2. Use the following in /usr/local/etc/cloudflared/config.yml:
proxy-dns: true
proxy-dns-upstream:
  - https://puredns.org/dns-query

Encrypted DNS

Requires Windows 10 or higher.
  1. Open Settings.
  2. Navigate to Network & internet โ†’ Status.
  3. Click on Properties.
  4. Click Edit under DNS settings.
  5. Select the Manual option, and then specify Preferred DNS and Alternate DNS IP addresses with 108.137.44.39 for Primary and 108.137.44.9 for Alternate.
  6. Select Encrypted only (DNS over HTTPS) for both.

YogaDNS

  1. Install YogaDNS.
  2. Go to Configuration โ†’ DNS Servers โ†’ Add.
  3. Enter PureDNS in the User friendly name.
  4. For Protocol you can select DNS-over-HTTPS.
  5. Specify the URL with https://puredns.org/dns-query.
  6. Click Check to quickly test the server and click OK.

See more details on how to configure YogaDNS.

macOS

Requires macOS Big Sur or newer.
  1. Download our Apple Configuration Profile to enable Encrypted DNS feature.
  2. You can download configuration for DoH and/or DoT.
  3. Open the downloaded .mobileconfig file.
  4. Open System Preferences.
  5. Go to Profiles.
  6. Click Install.

Google Chrome

  1. Go to Settings.
  2. In the Privacy and security section, click on Security.
  3. In the Advanced section, enable Use secure DNS.
  4. Select With: Custom, then enter https://puredns.org/dns-query.

Firefox

  1. Open Preferences.
  2. Scroll down to the Network Settings section and click on Settings.
  3. Scroll down and check Enable DNS over HTTPS.
  4. Select Custom, enter https://puredns.org/dns-query and click OK.

Microsoft Edge

  1. Open Settings.
  2. Go to the Privacy, search, and services section.
  3. Under Security, enable Use secure DNS to specify how to lookup the network address for websites.
  4. Select Choose a service provider, then enter https://puredns.org/dns-query.

Brave

  1. Open Settings.
  2. In the Privacy and security section (under Additional settings), go to Security.
  3. In the Advanced section, enable Use secure DNS.
  4. Select With: Custom, then enter https://puredns.org/dns-query.

IPv4 & IPv6

  1. Sign in to your router's web-based administration, usually at the following address: http://192.168.1.1.
  2. Find the DNS settings inside the interface.
  3. Change addresses (if any), with IPv4:

    108.137.44.39
    108.137.44.9

    or with IPv6 use addresses below:

    2406:da19:66f:e810:2f1b:9ce8:a5f1:132f
    2406:da19:66f:e810:92ad:7e02:fa25:38b9
  4. Click Save (or similar).

pfSense

  1. Navigate to Services โ†’ DNS Resolver and on the tab General Settings scroll down to the Custom Options box.
  2. Enter the following lines:
forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 108.137.44.39#puredns.org
  forward-addr: 108.137.44.9#puredns.org
  forward-addr: 2406:da19:66f:e810:2f1b:9ce8:a5f1:132f#puredns.org
  forward-addr: 2406:da19:66f:e810:92ad:7e02:fa25:38b9#puredns.org

MikroTik

Run the following:

/tool fetch url=https://curl.se/ca/cacert.pem
/certificate import file-name=cacert.pem
/ip dns set servers=
/ip dns static add name=puredns.org address=108.137.44.39 type=A
/ip dns static add name=puredns.org address=108.137.44.9 type=A
/ip dns static add name=puredns.org address=2406:da19:66f:e810:2f1b:9ce8:a5f1:132f type=AAAA
/ip dns static add name=puredns.org address=2406:da19:66f:e810:92ad:7e02:fa25:38b9 type=AAAA
/ip dns set use-doh-server="https://puredns.org/dns-query" verify-doh-cert=yes

Support the Development

You can use our service free of charge, but if you happen to think to help make PureDNS even better, please donate via the following links.

Saweria Patreon