# Security and Advanced Configurations

#### <span style="font-weight: 400;">How can I set up Encrypted DNS (DNS-over-HTTPS or DNS-over-TLS)?</span>

<span style="font-weight: 400;">SafeDNS provides a dedicated guide for configuring </span>[Encrypted DNS](https://docs.safedns.com/books/installation-guides/page/encrypted-dns-setup-dohdot)<span style="font-weight: 400;">, specifically covering </span>**DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT)**<span style="font-weight: 400;">. This setup allows users to establish secure links using the Encrypted DNS feature provided by the service.</span>

<span style="font-weight: 400;">By using these encrypted protocols, users can significantly increase their </span>**privacy and security**<span style="font-weight: 400;"> by preventing unauthorized third parties from eavesdropping on their DNS queries. However, administrators should also be aware that some browser-level DoH or DoT settings can be used to bypass filtering, and the documentation </span>[recommends](https://docs.safedns.com/books/installation-guides/page/web-filtering-bypass-prevention)<span style="font-weight: 400;">[ ](https://docs.safedns.com/books/installation-guides/page/web-filtering-bypass-prevention)blocking these settings in browsers like Firefox and Chrome to ensure network policies remain effective.  
</span>

---

#### <span style="font-weight: 400;">Why do I need the SafeDNS Root Certificate for HTTPS pages?</span>

<span style="font-weight: 400;">A </span>[Root certificate or SSL certificate](https://docs.safedns.com/books/installation-guides/page/safedns-root-certificate-for-https-pages)<span style="font-weight: 400;"> is a fundamental component of modern website security. SafeDNS provides a root certificate specifically for use with </span>**HTTPS pages**<span style="font-weight: 400;"> to ensure that encrypted web traffic is handled correctly within the filtering environment.</span>