Configuration profiles for DNS over HTTPS and DNS over TLS.
Check out the article for more info: paulmillr.com/posts/encrypted-dns/
To make settings work across all apps in iOS 14 & MacOS Big Sur, you’ll need to install configuration profile. This profile would tell operating system to use DOH / DOT. Note: it’s not enough to simply set server IPs in System Preferences — you need to install a profile.
To install, simply open the file in GitHib, and then click/tap on "Raw". The profile should download. On macOS, doubble click on the downloaded file to open it in settings, and approve instalation. On iOS, go to System Settings => General => Profile, select downloaded profile and tap the “Install” button.
In the signed folder, we have signed versions of the profiles in this repository. These profiles have been signed by @Candygoblen123 so that when you install the profiles, they will have a verified check box on the installation screen. It also ensures that these profiles have not been tampered with. However, since they were signed by a third party, they may lag behind their unsigned counterparts a little.
- 🇷🇺 AdGuard
- 🇳🇱 Alekberg
- 🇨🇳 Alibaba
- 🇨🇦 Canadian Shield - Operated by the Canadian Internet Registration Authority (CIRA)
- 🇺🇸 Cloudflare
- 🇨🇳 DNSPod
- 🇺🇸 OpenDNS
- 🇺🇸 Quad9 — Filters malicious domains. Operated by CleanerDNS, Inc.
- 🇸🇬🇺🇸 Tiar.app — "Privacy-first DNS provider". Filters some domains. Server is located in SG, hosted on Digital Ocean
To verify resolver IPs and hostnames, compare mobileconfig files to their documentation URLs. Internal workings of the profiles are described on developer.apple.com. In order to verify signed mobileconfigs, you will need to download them to your computer and open them in a text editor, because signing profiles makes GitHub think that they are binary files.