DNS Filtering Setup Guide

Beginner 15-30 minutes

Learn how to set up DNS filtering to block inappropriate content at the network level using services like OpenDNS, CleanBrowsing, and NextDNS.

Prerequisites:

  • โ€ข Access to your device's network settings or router admin panel
  • โ€ข Basic understanding of your home network setup

What is DNS Filtering?

DNS (Domain Name System) filtering is one of the most effective and easiest ways to protect your entire network from inappropriate content. DNS acts like the internet's phone book, translating website names (like google.com) into IP addresses that computers can understand.

By using a filtering DNS service instead of your default ISP's DNS, you can automatically block access to millions of inappropriate websites before they even load. This works across all devices on your network without installing any software.

Best for: Families wanting baseline protection for all devices, blocking at the network level, set-it-and-forget-it solutions.

๐Ÿ†š Comparing DNS Filtering Services

Here are the most popular DNS filtering services for family protection:

ServiceCostFiltering LevelsCustom ListsBest For
OpenDNS HomeFree3 levelsโœ“ (with account)Families wanting free, reliable filtering
CleanBrowsingFree + Paid ($5/mo)3 free levels, custom in paidโœ“ (paid only)Families with varied filtering needs
NextDNSFree (300k queries/mo) then $2/moHighly customizableโœ“ (extensive)Tech-savvy users wanting control
Cloudflare for FamiliesFree2 levels (malware, malware+adult)โœ—Basic filtering with privacy focus
Quad9FreeSecurity focusLimitedSecurity-first, basic filtering
Our Recommendation: Start with CleanBrowsing's free family filter or OpenDNS Home. Both are easy to set up, reliable, and don't require payment. Upgrade to NextDNS if you want detailed logs and custom blocking rules.

๐Ÿ“‹ Setup Methods

You can set up DNS filtering in two ways:

  • Device-Level: Configure DNS on each device individually. Protection travels with the device.
  • Router-Level: Configure DNS once at your router. All devices on your network are automatically protected.
Recommended approach: Set up DNS filtering at the router level for home protection, AND on mobile devices so they're protected when away from home.

๐Ÿ  Router-Level Setup (Protects All Devices)

DNS Server Addresses

First, choose a DNS service and note its server addresses:

OpenDNS Home (FamilyShield)

208.67.222.123 208.67.220.123

CleanBrowsing (Family Filter)

185.228.168.168 185.228.169.168

Cloudflare for Families (Malware & Adult)

1.1.1.3 1.0.0.3

Configuration Steps

  1. Access your router's admin panel

    Open a web browser and type your router's IP address (usually 192.168.1.1 or 192.168.0.1). Check the sticker on your router if unsure.

  2. Log in with your admin credentials

    Use the username and password printed on your router or the ones you set during initial setup. Common defaults: admin/admin or admin/password.

  3. Find the DNS settings

    Look for sections labeled "Internet", "WAN", "DNS", "Network Settings", or "DHCP Settings". The exact location varies by router brand.

  4. Change the DNS servers

    Replace the existing DNS server addresses with your chosen filtering DNS addresses. Enter the Primary and Secondary DNS addresses.

  5. Save and reboot

    Save your changes and reboot your router for the changes to take effect. Most routers will do this automatically.

  6. Restart your devices

    For immediate effect, restart your connected devices or disconnect/reconnect from WiFi.

Important: Write down your original DNS addresses before changing them, in case you need to revert the changes.

๐Ÿ“ฑ Device-Level Setup

Windows 10/11

  1. Open Settings โ†’ Network & Internet
  2. Click your connection (WiFi or Ethernet)
  3. Click "Edit" next to IP assignment
  4. Choose "Manual" and enable IPv4
  5. Enter the DNS addresses in "Preferred DNS" and "Alternate DNS"
  6. Click Save

macOS

  1. Open System Settings (or System Preferences)
  2. Go to Network
  3. Select your connection and click Details (or Advanced)
  4. Click the DNS tab
  5. Click the + button and add both DNS addresses
  6. Click OK and Apply

iPhone & iPad (iOS/iPadOS)

  1. Open Settings โ†’ WiFi
  2. Tap the (i) button next to your network
  3. Scroll down and tap "Configure DNS"
  4. Tap "Manual"
  5. Remove existing servers and add the new DNS addresses
  6. Tap Save
Note: iOS requires DNS configuration per WiFi network. For cellular data protection, consider using a DNS profile or VPN app.

Android

  1. Open Settings โ†’ Network & Internet (or Connections)
  2. Tap WiFi and long-press your network
  3. Tap "Modify Network" or "Manage Network Settings"
  4. Show Advanced Options
  5. Change IP Settings to "Static"
  6. Enter the DNS addresses in DNS 1 and DNS 2 fields
  7. Save changes
Android 9+: You can use "Private DNS" feature. Go to Settings โ†’ Network & Internet โ†’ Private DNS and enter a DNS-over-TLS hostname (e.g., family-filter.cleanbrowsing.org).

โœ… Testing Your Setup

After configuring DNS filtering, verify it's working properly:

  1. Check your DNS server

    Visit dnsleaktest.com or whatsmydns.net to confirm you're using the correct DNS servers.

  2. Test filtering

    Try visiting a test blocked site. Most DNS providers have test domains. For example, OpenDNS uses internetbadguys.com. You should see a block page.

  3. Test normal browsing

    Make sure legitimate websites load properly. Test a few popular sites to ensure nothing is over-blocked.

Success! If you see a block page on inappropriate sites and normal sites load correctly, your DNS filtering is working.

๐Ÿ”ง Advanced Configuration

Creating a Free OpenDNS Account

  1. Sign up at signup.opendns.com
  2. Add your home network (it will detect your IP address)
  3. Customize filtering levels and categories
  4. Add individual sites to allow or block
  5. View browsing statistics and logs

NextDNS Custom Configuration

  1. Create account at nextdns.io
  2. Set up a configuration profile
  3. Choose blocklists (ads, trackers, adult content, gambling, etc.)
  4. Add custom allow/block lists
  5. Use your unique DNS addresses provided
  6. Review detailed analytics and query logs

โ“ Troubleshooting Common Issues

Websites are loading very slowly

Solution: The DNS server might be too far from your location. Try a different DNS service or use your ISP's DNS as secondary.

Some sites are over-blocked

Solution: Create an account with your DNS provider and add the sites to your allow list. Or switch to a less restrictive filtering level.

Filtering isn't working

Solution: Clear your device's DNS cache. Windows: ipconfig /flushdns, Mac: sudo dscacheutil -flushcache, or restart the device.

Works at home but not on mobile data

Solution: DNS filtering set at the router only works on your home network. Configure DNS on the device itself or use a DNS profile/VPN for cellular protection.

Someone bypassed the filtering with VPN

Solution: DNS filtering can be bypassed by VPNs or alternative DNS apps. Combine with device restrictions to block VPN apps, or use router-level VPN blocking.

โš–๏ธ Pros & Cons of DNS Filtering

โœ… Advantages

  • Protects all devices on your network automatically
  • No software to install on each device
  • Free options available
  • Very easy to set up (15-30 minutes)
  • Blocks sites before they load (faster and safer)
  • Works across all apps and browsers
  • Minimal performance impact
  • Can be configured on devices for mobile protection

โŒ Limitations

  • Doesn't work on mobile/cellular data (unless configured per device)
  • Can be bypassed by changing DNS settings (combine with device restrictions)
  • Can be bypassed with VPNs
  • No time limits or scheduling
  • Basic reporting (unless using paid plans)
  • Doesn't filter HTTPS content within sites
  • May occasionally over-block legitimate content
  • Doesn't control apps or screen time