11 November 2023
Cloudflare is an internet security company that has expanded rapidly since 2014, thanks to its success in protecting websites from hacker attacks. The company started up in 2009 and has expanded constantly. In a very short period, Cloudflare has established an impeccable reputation as a world leader in cybersecurity. In 2018, the company extended its activities to provide a privacy-driven DNS service to the public.
The IP address of the Cloudflare DNS service is 1.1.1.1, which is very easy to remember. You just need to go into the network properties of your browser to get access to the service. You do not have to pay anything or create an account.
The browser type that you use doesn’t matter because the DNS setting is a property of your network, over which all browsers connect to the internet.
Step 1: Get to the network properties
Step 2: Set up DNS for IPv4
Step 3: Set up DNS for IPv6
Setting up the Cloudflare DNS on Macs is very straightforward.
These instructions are for Ubuntu. However the steps are almost identical for all flavors of Linux.
Step 1: Get to the network settings
Step 2: Set the DNS for IPv4
Step 3: Set the DNS for IPv6
At present, Android devices only use IPv4 addresses. You need to be connected to the network that you want to change the DNS settings for.
Just like Android, iOS only uses IPv4 addresses.
Cloudflare will become a major rival to Google’s DNS service. Given Google’s major income stream from retargeted advertising, it is wise to be a little cautious about how its DNS service treats your privacy. However, there is no evidence that Google uses the transaction data from its DNS service to aid its targeted marketing business.
Although Cloudflare makes major claims about its integrity on protecting your privacy, it does have a small skeleton in its closet. The company doesn’t actually own the 1.1.1.1 IP address. That very distinctive address is on loan from APNIC, which is the non-profit IP address distribution authority for the Asia Pacific region.
As part of the deal that Cloudflare did with APNIC, all DNS access records are available to APNIC for research purposes. However, Cloudflare declares that the IP addresses of the customers that access the 1.1.1.1 DNS service are not available to APNIC, so no one identity is ever traceable. Cloudflare and APNIC are working together on a DDoS protection research project that relies on the aggregated DNS access data.
Another concern with the security of the Cloudflare DNS service arises from the Cloudbleed exploit discovered in 2017. This was a coding error in Cloudflare’s software that would enable hackers to get access to the usernames and passwords of the visitors to sites protected by Cloudflare. This problem was fixed by the company. However, although Cloudflare may have a very strong ethical stance on the protection of your privacy, new flaws in its software could expose your details to hackers and government security agencies anyway.
One very surprising fact about the Cloudflare DNS service is that just putting its 1.1.1.1 address in your network settings does not provide any security at all. Communications between your browser and the Cloudflare server is unencrypted and just as visible to your ISP as connections to Google’s DNS server or the Cisco OpenDNS.
Cloudflare claims that tests by DNSPerf show its DNS servers’ response times are much faster than the most commonly used DNS services of Google and OpenDNS. So the major benefit that Cloudflare offers over its rivals isn’t privacy or security — it is speed.
Here are some DNSPerf tests results comparing the response speeds of Cloudflare DNS to Cisco OpenDNS, Comodo DNS, and Google DNS:
DNS Service | Primary IP Address | Alternative IP Address | Response Time |
OpenDNS | 208.67.222.222 | 208.67.220.220 | 20.5 ms |
Comodo DNS | 8.26.56.26 | 8.20.247.20 | 72.7 ms |
8.8.8.8 | 8.8.4.4 | 34.16ms | |
Cloudflare | 1.1.1.1 | 1.0.0.1 | 12.78 ms |
The 1.1.1.1 DNS system does have encryption capabilities. However, these are not applied automatically because both sides in a secure connection need to be working with the same protocols, and browsers do not encrypt for DNS calls.
There are three secure DNS protocols that would enable your browser’s DNS calls to be encrypted. You would need to find out which secure protocols your chosen DNS server can handle and then implement that system on your computer. Here are some of the most widely used DNS servers and the security protocols that they can implement.
DNS Service | DNSCrypt | DNS resolution over TLS | DNS resolution over HTTPS |
Cisco OpenDNS | Yes | Yes | No |
Google DNS | No | Yes | Yes |
Quad9 | No | Yes | No |
Cloudflare | No | Yes | Yes |
CleanBrowsing | No | No | Yes |
So you can use Cloudflare securely and block your ISP or any security agencies gathering information on the sites you visit. However, you would have to install a DNS resolution over TLS system or a DNS resolution over HTTPS package. Unfortunately, these encryption standards for DNS traffic are new and still being developed. Browser producers are interested in the concept of secure DNS transactions and have teams working on developing those capabilities, but there are no signs that these advancements are nearing completion.
Although there seem to be some speed advantages to using the Cloudflare DNS system, it offers no security advantages over its rivals. Until browsers start to build in secure DNS messaging, your best option to protect your privacy is to install a VPN. Once browsers gain secure DNS capabilities, then all of the major DNS services will be able to protect your privacy, not just Cloudflare.
If you want to take the VPN route to protect the privacy of your DNS transactions, be careful. Not all VPNs will protect you sufficiently. Some VPN services allow your computer to continue using its default DNS service, which lets outsiders see the unencrypted requests for web server addresses. This situation is called a DNS leak. Check out the more advanced VPNs and look into securing your browser against viruses, hackers and snoopers. One day, your DNS transactions will be secure. Until then, not even Cloudflare can protect
Create, collaborate, and turn your ideas into incredible products with the definitive platform for digital design.
12 December 2022
This article explains how you can create cPanel backup from the command line, using your own username and password.
12 December 2022
Webuzo is a popular alternative to cPanel, a widely used web hosting control panel developed by cPanel, Inc.
02 February 2022
NFT domains are new web extensions that are deployed using ERC 721 and Polygon Network, except .zil which uses Zilliqa.
01 January 2022
This document describes how to manually delete a MySQL® database from a cPanel & WHM server. This is useful if, for exa
11 November 2021
To transfer your domain with us then must need EPP Code.
Contact us at