Cloudflare launches 1.1.1.1 For Families with filter support - gHacks Tech News

ADVERTISEMENT

Cloudflare launches 1.1.1.1 For Families with filter support

Cloudflare launched its DNS service back in 2018 (on April 1) to the public promising a fast, private, and secure service. The company promised that 1.1.1.1 would be privacy-friendly, that it would not sell user data or use it for targeted advertising, and revealed that the service would never log full user IP addresses and erase logs every 24 hours. A recently published audit by independent auditing companyKPMG uncovered some minor issues but backed up Cloudflare's claims.

Yesterday, on April 1, Cloudflare announced an expansion of its DNS service called 1.1.1.1 for Families which adds new DNS Server IP addresses and filters to the service to block certain requests automatically. Users who used OpenDNS and some other DNS providers in the past may recall that these providers offered something very similar for quite some time already.

Filtering functionality was the number one request from home users according to Cloudflare and the main reason why 1.1.1.1 for Families was created.

1.1.1.1 For Families

1.1.1.1 for Families comes in two different versions: the first blocks known malware requests, the second malware and adult requests. Here is the information required to use the new DNS servers on your devices:

Malware Blocking Only

  • Primary DNS: 1.1.1.2
  • Secondary DNS: 1.0.0.2
  • IPv6: 2606:4700:4700::1112
  • IPv6: 2606:4700:4700::1002

Malware and Adult Content Blocking

  • Primary DNS: 1.1.1.3
  • Secondary DNS: 1.0.0.3
  • IPv6: 2606:4700:4700::1113
  • IPv6: 2606:4700:4700::1003

Cloudflare DNS without Filtering

  • Primary DNS: 1.1.1.1
  • Secondary DNS: 1.0.0.1
  • IPv6: 2606:4700:4700::1111
  • IPv6: 2606:4700:4700::1001

The filtering is automated at this point in time; Cloudflare plans to introduce management options in the coming months to whitelist or blacklist sites, schedule filters for certain times of the day, and more.

For now, the only option that you have to bypass filters, e,g. when a non-malware or non-adult site is blocked, is to switch the DNS service.

How to set up 1.1.1.1 for Families

Windows users may do the following to replace the current DNS provider with Cloudflare's:

cloudflare family dns

  1. Use the keyboard shortcut Windows-R to open the run box.
  2. Type netcpl.cpl to open the Network and Sharing Center (note that this may not be available in the newest builds of Windows 10)
  3. If it is not available, right-click on the network icon in the System Tray and select Open Network and Internet settings.
  4. On the page that opens, click on "change adapter options".
  5. Right-click on the active connection and select properties from the menu.
  6. Double-click on "Internet Protocol Version 4 (TCP/IPv4)
  7. Switch to "Use the following DNS server addresses".
  8. Enter the primary and secondary DNS server in the respective fields.
  9. Close the configuration window.

Pro Tip: You may also change DNS servers using PowerShell.

powershell change dns

Here is how that is done:

  1. Use Windows-X to display the "secret" menu.
  2. Select Windows PowerShell (Admin) from the menu to open an elevated PowerShell console.
  3. Confirm the UAC prompt.
  4. Run the command Get-NetIPConfiguration and note the value of InterfaceIndex of the Network Adapter that you are using (use other information, e.g. the InterfaceAlias value to identify the right interface if multiple are available).
  5. Modify the command Set-DnsClientServerAddress -InterfaceIndex 10 -ServerAddresses 1.1.1.2, 1.0.0.2 and run it afterward. Change the value after -InterfaceIndex to the right one on your device, and the IP addresses behind ServerAddresses to the desired DNS servers (first primary then secondary)

Installation guides are available here for routers, Linux, Windows, and Mac. Cloudflare has created applications for Android and iOS that users may download to use the DNS service on their devices.

You may use a program like Gibson's DNS Bechmark to test the performance of the servers.

Now You: Which DNS service do you use, and why?

Summary
Cloudflare launches 1.1.1.1 For Families with filter support
Article Name
Cloudflare launches 1.1.1.1 For Families with filter support
Description
Cloudflare announced an expansion of its DNS service called 1.1.1.1 for Families which adds new DNS Server IP addresses and filters to the service to block certain requests automatically.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: »

Comments

  1. clake said on April 2, 2020 at 9:18 am
    Reply

    I hope they expand the filtering options, as with nextdns’ many options. I still use 1.1.1.1 generally, as it is fastest and nearby with good feedback options for testing.

    It all reminds me of when the 14 year old nephew was around, I had to use opendns pr0n and gambling filtering, as he was becoming an “enthusiast”.

    1. tz said on April 8, 2020 at 4:45 pm
      Reply

      NextDNS.io is better, even providing analytics, selectable block lists, and white/black listing as well as logs and device detail.
      Supports direct, DoH and DNS over TLS (Stubby), and they have apps to create vpn type filters for devices.
      Cloudflare isn’t blocking trackers, facebook libraries in apps trying to grab your phone logs and contacts, and the rest.

  2. Kincaid said on April 2, 2020 at 9:31 am
    Reply

    What about for IPv6?

    1. Martin Brinkmann said on April 2, 2020 at 9:47 am
      Reply

      Added, thanks!

  3. Cor said on April 2, 2020 at 9:48 am
    Reply

    I’ve been using OpenDNS since DNS over HTTPS became a thing, with no issues thus far.
    For websites I’ve been using Cloudflare for almost a decade now, also without any issues whatsoever. These days I’m somewhat trying to avoid them just out of principle.

  4. Anonymous said on April 2, 2020 at 12:13 pm
    Reply

    more censorship! great!

    1. Silver said on April 6, 2020 at 3:09 am
      Reply

      Fortunately, you don’t have to use the one with filtering. So no censorship!

  5. Beta said on April 2, 2020 at 3:09 pm
    Reply

    I have been using the Cloudflare DNS for a long time. I only had a problem with it once. I was trying to connect to the internet in a hotel. I set the DNS back to automatic, and I got a connection. When I showed it to the hotel IT support guy, he told me that he would make sure it works the next time I stay with them.

  6. Yuliya said on April 2, 2020 at 3:45 pm
    Reply

    Yandex on PC, Adguard on phone.

  7. cdr said on April 2, 2020 at 3:48 pm
    Reply

    1.1.1.2 and 1.0.0.2. Check. Just added to my router at the top of the list.

    Every little bit helps.

    This was added to my pfSense / pfBlockerNG blocking of a large number of sites. Pihole also works well for those with retail routers and a spare device for pihole.

  8. RonGloom said on April 2, 2020 at 5:12 pm
    Reply

    I use Adguard DNS with ad blocking …it does very good job.

  9. Anonymous said on April 2, 2020 at 5:31 pm
    Reply

    malware blocking seems nice (not really interested in adult content censorship).
    but even with 1.1.1.2, i’m curious, who gets to decide what is malware?
    meaning, there is nothing to stop cloudflare from flagging some website as malware for example on grounds of some business interests conflict between them..
    so i will continue using 1.1.1.1 for now

  10. ELK said on April 2, 2020 at 5:49 pm
    Reply

    Is it just me? When I used the adware and adult DNS it caused all of the YouTube comment and playlist etc. stuff to disappear. All I was left with was just the video.

  11. Sebas said on April 2, 2020 at 8:05 pm
    Reply

    It blocks a lot of Youtube videos: https://blog.cloudflare.com/introducing-1-1-1-1-for-families/

    I don’t believe it has much to do with safe search. Innocent stuff like organ music is blocked.

  12. PSmith said on April 2, 2020 at 9:39 pm
    Reply

    If you set manual DNS in your router then you might see a third DNS resolver field. I suggest filling this in as leaving it blank lets devices use default resolvers if the first two don’t work.

    For the third entry either put in OpenDNS normal DNS of 1.1.1.1 or any one of the following filtering DNS servers (I’m sure other folks will list others too). Some of these have varying degrees logging of DNS requests so do your research for what you need.

    Quad9: 9.9.9.9
    OpenDNS: 208.67.222.123 (their free version)
    CleanBrowsing: 185.228.168.9
    Norton ConnectSafe (Malware, Phishing and Scam sites): 199.85.126.10
    Comodo Secure: 8.26.56.26

  13. Michael said on April 3, 2020 at 1:03 am
    Reply

    A nice thing about the 1.1.1.1 service is that cloudflare has a “tester” page at
    1.1.1.1./help
    where you can verify that 1.1.1.1 is actually being used. They do not seem to have an equivalent thing for the two new services.

  14. Squuiid said on April 3, 2020 at 5:55 am
    Reply

    Martin, you’ve missed out the IPs for malware and adult content blocking.

  15. notanon said on April 3, 2020 at 9:10 am
    Reply

    Seems stupid & pointless by Cloudflare, if they allow LGBTQXYZ sites on the “Adult filter” 1.1.1.3.

    “The Mistake that Caused 1.1.1.3 to Block LGBTQIA+ Sites Today”

    https://blog.cloudflare.com/the-mistake-that-caused-1-1-1-3-to-block-lgbtqia-sites-today/

    So you’re telling parents their children are safe on 1.1.1.3, but Cloudflare allows sites will show underaged an underaged dancing in drag to stripper music, while LGBTQXYZ people throw money at him & tell children how “stunning & brave” the child is.

    So tranny dick porn is okay (because it’s LGBTQXYZ), but regular porn is forbidden.

    Clown world.

    1. yuri said on April 4, 2020 at 3:46 am
      Reply

      That’s the pseudo liberals for you. It’s a messed up world.

  16. bevode said on April 3, 2020 at 2:29 pm
    Reply

    Your have forgotten the DOH addresses in the article

    Q: Does 1.1.1.1 for Families support DNS over HTTPS?
    R: Yes, to block malware, use https://security.cloudflare-dns.com/dns-query
    to block malware & adult content, usehttps://family.cloudflare-dns.com/dns-query.

    Q: Does 1.1.1.1 for Families support DNS over TLS ?
    R: No. But our team is working on it.

  17. Sebas said on April 3, 2020 at 2:55 pm
    Reply

    @Notanon. Yes. Sick world.

  18. Anonee said on April 3, 2020 at 7:56 pm
    Reply

    Had to stop using Cloudflare DNS a while ago because many sites simply wouldn’t load or load correctly with Cloudflare.
    For example, if you’re using Cloudflare right now, try loading archive.is and I bet you it still doesn’t work…

    1. Anonee said on April 4, 2020 at 11:54 am
      Reply

      Anonee, — https://twitter.com/archiveis/status/1018691421182791680

      Next time do some research before you run your ignorant mouth on the Internet.

      1. Anonee said on April 5, 2020 at 10:25 pm
        Reply

        @Anonee2, uhh yeah, exactly.
        Thanks for posting that tweet showing that archive.is doesn’t work with Cloudflare dns. There are many other sites I had problems with as well until I got fed up and finally just dumped cloudflare.

  19. Gargoyle said on April 3, 2020 at 10:31 pm
    Reply

    Having a lot of issues with the 1.1.1.3 variant with YouTube videos blocked or prompting to log in.

  20. anonymous said on April 4, 2020 at 2:20 am
    Reply

    Could anyone tell me if DNS over HTTPS works on all sites even if they are HTTP or does it only work on sites that are HTTPS?

    1. Martin Brinkmann said on April 4, 2020 at 7:43 am
      Reply

      DNS lookups are independent and work regardless of the protocol a site uses.

      1. anonymous said on April 4, 2020 at 6:20 pm
        Reply

        Thank you.

  21. Christophe said on April 4, 2020 at 2:32 pm
    Reply

    Good morning Martin,

    I tested yesterday the 1 1 1 3 and 1 0 0 3 and they worked fine.

    Except that today, problem, it doesn’t work anymore, pornographic sites are not filtered anymore (I wanted to protect my children).

    I wanted to contact them to ask them if there was a technical problem, they deleted all my messages from the comments area, someone tested them today?

  22. bland richard's flair said on April 4, 2020 at 9:56 pm
    Reply

    Yandex DNS 4 Life, USA dns go to Hell !!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.