Is Cloudflare DNS Secure?

Independent privacy and security audit of Cloudflare DNS DNS servers, with live monitoring data.

Last updated March 26, 2026

Passes Security Audit

Cloudflare DNS meets our security criteria with strong encryption support, DNSSEC validation, and no NXDOMAIN hijacking.

Security Audit Results

Check	Result	Details
DNSSEC Validation	Yes	Validates DNSSEC signatures, protecting against DNS spoofing.
NXDOMAIN Hijacking	No	Returns proper NXDOMAIN responses for non-existent domains.
DNS-over-TLS (DoT)	Supported	Encrypted DNS available on port 853. Prevents ISP snooping on DNS queries.
DNS-over-HTTPS (DoH)	Supported	HTTPS-based encrypted DNS available. Works through firewalls and is supported by most browsers.
Logging Policy	Purged within 24 hours, audited by KPMG
Reliability	100%	Based on continuous monitoring from our probe network.

Type	IP Address
Primary	`1.1.1.1`
Secondary	`1.0.0.1`

Run a live privacy and security check on 1.1.1.1 from your location. Get DNSSEC, NXDOMAIN, encryption, and latency results in seconds.

See security audits for other DNS providers:

Cloudflare DNS passes our security audit with DNSSEC validation, no NXDOMAIN hijacking, and encrypted DNS support. It is safe for everyday use.

Cloudflare DNS logging policy: Purged within 24 hours, audited by KPMG. Always review the provider's current privacy policy for the latest details.

Cloudflare DNS supports both DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH), providing full encryption for your DNS queries.

Cloudflare DNS (1.1.1.1) has a reliability score of 100% based on our continuous monitoring. This is excellent uptime.

Primary: 1.1.1.1, Secondary: 1.0.0.1. Configure both for redundancy.