Most of the websites you visit every day are encrypted using HTTPS/SSL certificates, but DNS queries are not. This poses potential security risks such as outsiders eavesdropping on the domains you visit or even man-in-the-middle attacks. Thanks to the DNS over HTTPS functionality offered for free by Google and Cloudflare, your Synology router allows DNS queries from all devices in the network to be encrypted, keeping them safe from prying eyes and from your ISP. If you have a Synology router that is an RT2600ac or an MR2200ac, activating this option becomes child’s play. Below I will explain how to do it.
Go to Network Center / Local Network / General / Advanced Options and check Enable DoH (DNS over HTTPS). From the dropdown menu select Cloudflare or Google. I have selected Cloudflare because I trust it more than Google with regard to privacy. Follow the instructions in the image below.
After you check the “Enable DoH” option in STEP 2, a new pop-up window will appear with the following message: “Enabling DoH will change the current DNS settings. Are you sure you want to enable DoH?” Click Yes. Follow the instructions in the image below.
Now you can test whether the activation of the DoH protocol worked by clicking the Test button. If the DoH protocol is working, you should see green text in the Test result area saying “Testing connection succeeded.” Click Apply. Follow the instructions in the image below.
Now all the devices in your network connected to your Synology router, such as computers, laptops, mobile phones, TVs, video surveillance cameras, tablets, weather stations, etc., will be protected automatically by the DoH protocol.
The DoH protocol improves your privacy and security by preventing eavesdropping and manipulation of DNS data. The encryption of DNS traffic protects you from potential risks such as an ill-intended actor redirecting you to a malicious destination, for example a fake bank website instead of the real one you wanted to access.
Note: In addition to choosing Cloudflare or Google as your DNS-over-HTTPS provider, you can also enter the URL of any other provider; the URL must be preceded by https://. Just found this out recently when I switched to NextDNS and wanted to use their DoH protocol with my Synology RT2600ac router. Works great! Reported by Andrew Watkins.
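To show what a DoH request looks like once it leaves the router, here is an added example (not from the original post and not Synology's code) that builds an RFC 8484 DoH GET request and rejects any provider URL that does not start with https://. The function names are illustrative assumptions; the two URLs are the public DoH endpoints of Cloudflare and Google.

```python
import base64
import struct
from urllib.parse import urlsplit

QTYPE = {"A": 1, "AAAA": 28}  # record types used in this example


def build_query(name: str, qtype: str = "A") -> bytes:
    """Return a DNS wire-format query: 12-byte header plus one question."""
    # ID 0 (RFC 8484 recommends it so HTTP caches can reuse answers),
    # flags 0x0100 = recursion desired, exactly one question.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"invalid DNS label: {label!r}")
        qname += bytes([len(raw)]) + raw  # length-prefixed label
    # Root label terminator, then QTYPE and QCLASS (1 = IN).
    return header + qname + b"\x00" + struct.pack("!HH", QTYPE[qtype], 1)


def doh_get_url(provider_url: str, name: str, qtype: str = "A") -> str:
    """Build the GET URL a DoH client requests for one lookup."""
    parts = urlsplit(provider_url)
    # Same rule as the router's custom-provider field: https:// only,
    # otherwise the query would travel unencrypted.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("DoH provider URL must start with https://")
    # RFC 8484: base64url-encode the DNS message and drop the '=' padding.
    dns_param = base64.urlsafe_b64encode(build_query(name, qtype))
    dns_param = dns_param.rstrip(b"=").decode("ascii")
    sep = "&" if parts.query else "?"
    return f"{provider_url}{sep}dns={dns_param}"


if __name__ == "__main__":
    providers = (
        "https://cloudflare-dns.com/dns-query",
        "https://dns.google/dns-query",
    )
    for url in providers:
        # A real client sends this with "Accept: application/dns-message".
        print(doh_get_url(url, "www.example.com"))
```

An on-path observer sees only a TLS connection to the provider's host; the queried name sits inside the encrypted request as the `dns` parameter.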
This post was updated on Saturday / December 19th, 2020 at 10:36 PM