To configure Pi-hole on Ubuntu to use Cloudflare’s DNS over HTTPS (DoH) service, you’ll need to follow these steps:
- Install Pi-hole on your Ubuntu system following the official installation guide.
- Once Pi-hole is installed and running, log in to the web interface and navigate to the “Settings” page.
- Scroll down to the “DNS” section, and change the “Upstream DNS Servers” to
1.1.1.1and1.0.0.1which are the IPs for Cloudflare’s DoH service. - Under the DNS section, also select “Use custom DNS servers” and set DNS query forwarding to be “Encrypted (DoH)”
- Scroll down to the bottom of the page and click the “Save” button to apply the changes.
- Restart the Pi-hole service by running the command:
sudo service pihole-FTL restart
- Verify the configuration by visiting a site such as https://dnsleaktest.com and check that the DNS servers being used are Cloudflare’s DoH servers (1.1.1.1 and 1.0.0.1)
- You can also check the logs of Pi-hole to see if it is using DoH to communicate with the upstream DNS servers.
By configuring Pi-hole to use Cloudflare’s DoH service, all DNS queries from your network will be encrypted and protected from eavesdropping. It’s important to note that the above steps are just a general guide and you may need to adjust them to suit your specific requirements.