Avast Academy Performance Hardware How to Change Your Router DNS Settings and Avoid Hijacking

How to Change Your Router DNS Settings and Avoid Hijacking

DNS servers are a vital part of internet infrastructure, but they can be manipulated by hackers to redirect you to corrupted websites or steal your private data. Here’s how to configure your router DNS settings to prevent hijacking attacks. Then, learn how a VPN can give you a faster, safer browsing experience.

Written by Oliver Buxton
Published on March 17, 2022

What is DNS?

The Domain Name System (DNS) is the internet’s phonebook — a list of every address on the internet. When you want to visit a website, you use a domain name, like google.com or facebook.com. Domains make navigating the web easy, because most websites use easy to remember names.

Hamburguer menu icon

This Article Contains :

    When you enter a domain into a web browser, your browser converts the domain name into a numerical string, called an IP address. Every website has its own IP address — when you visit a website, the IP of your device sends a message to the IP of the website you want to visit, requesting information to be sent back, like a homepage.

    In the same way that using a phone book (before the internet age) meant we didn’t have to remember everyone’s actual phone number, DNS directories are indexes of every website on the internet. The DNS is why we don't need to remember the complex numerical strings of specific IP addresses when we browse the web. We only have to remember a website's name.

    DNS servers act as a go-between, connecting humans and the computers we use by converting the domain names we type into web browsers into the machine-readable code needed to access the desired web page, server, or internet service we’re trying to visit.

    What is DNS hacking?

    DNS hacking attacks on internet routers allow cybercriminals to divert network traffic by manipulating DNS settings. By exploiting software vulnerabilities to hijack routers, hackers can override the DNS server settings and send domain name requests to IP addresses of their choosing in what’s known as a man-in-the-middle attack.

    Instead of connecting to the site or service you want, router hacking means you might land on a fake pharming website that could infect your computer with malware or capture your personal data. Even the usually secure SSL protocol may not keep you completely safe, as you’re sent through malicious servers and the encrypted connection is cut.

    If your router is set to its default factory settings or protected by a weak password, you’re at heightened risk. It’s estimated that over 60% of wireless routers run with default passwords, meaning hackers can take control without even having to work for it.

    Default DNS router settings

    By default, your router uses DNS servers set up by your internet service provider. All the devices on your network — computers, smartphones, tablets, games consoles, and anything else — use your router’s DNS server. If you alter or update the DNS server settings directly on your router, the updated configuration is applied to every device on your network.

    DNS influence on internet speed

    The DNS server you use doesn’t technically impact the speed of your internet connection, but it can affect how quickly certain pages load depending on the location of the servers the DNS directs your web traffic to.

    While there’s no impact on download speeds once connections have been established, switching to a different DNS server with lower latency can give you a smoother and faster browsing experience.

    How to change DNS server

    If you have an Android phone or tablet, it’s easy to change your DNS settings.

    1. Open up Settings and tap Connections to display your available Wi-Fi networks.

      Locating the Connections menu in Android Settings.

    2. Tap the Settings icon next to your current network connection.

      Modifying Wi-Fi network settings in Android Settings.

    3. Tap Advanced and then tap the IP settings box and switch to Static rather than the default DHCP setting.

      Changing Wi-Fi network IP settings from DHCP to Static in Android Settings.

    4. Input your preferred primary and secondary DNS servers under DNS 1 and DNS 2.

      Inputting primary and secondary DNS server IP addresses for a Wi-Fi network on Android.

    5. Now tap Save. Your device will now use your primary DNS server setting (DNS 1) when connected to that Wi-Fi network.

    Note that the steps above change the DNS settings only for the device you’re on. To configure your preferred DNS server across your entire home network, it’s best to change router DNS settings at the source. Then, all devices connected to it will follow the new protocol.

    How to change DNS settings on a router

    You can change your router DNS settings through your router’s web interface — the process varies slightly depending on which router you have. To change your router DNS settings you need to assign it a static IP address. Check out the user guide or setup manual to learn more.

    Here’s how to change the DNS server on the most popular routers.

    Linksys routers

    1. Type into your browser’s address bar and sign in to your Linksys router’s web interface.

    2. Click Setup on the main menu and then select Basic Setup.

    3. Enter your preferred primary and secondary DNS servers in the Static DNS 1 and Static DNS 2 fields.

    4. You can add a primary DNS server from another provider in the Static DNS 3 field or you can leave that field blank.

    5. Click Apply at the bottom of the screen to save your settings.

    NetGear routers

    NetGear uses several different default gateway addresses, so first you need to find the IP address of your specific router.

    To find your router’s default gateway IP address, open Command Prompt by typing cmd into the search field on your desktop taskbar, enter ipconfig, and find the string of numbers listed next to Default Gateway.

    Once you have your router’s default gateway IP, follow these steps:

    1. Sign in to the NetGear web interface by entering the default gateway IP address into your browser.

    2. Some NetGear interfaces have Basic and Advanced tabs displayed at the top of the page. If so, select Basic and then click the Internet option. If not, simply click Basic Settings instead.

    3. Under Domain Name Server (DNS) Address, select Use These DNS Servers.

    4. Enter your preferred primary and secondary DNS servers in the Primary DNS and Secondary DNS fields.

    5. Click Apply. Restart your server if prompted — otherwise you’re all set.

    Asus routers

    1. Enter into your browser’s address bar to access your Asus router’s admin page.

    2. Select WAN from the left-side menu and then click the Internet Connection tab at the top of the window.

    3. Scroll down to WAN DNS Setting and change the setting called Connect to DNS server automatically to No.

    4. Enter your preferred primary and secondary DNS servers in the DNS Server 1 and DNS Server 2 fields.

    5. Click Apply to save your settings.

    Why you should change DNS router settings

    Changing your router to an alternative DNS server has many benefits. It can give you faster web browsing and reduce the likelihood of technical issues disrupting your connection. And the best DNS servers include enhanced security features against dangerous websites and phishing attacks to help keep you safe online.

    The best DNS servers

    The best DNS servers are free, while offering a more reliable, faster, and more secure connection. There’s nothing wrong with the default DNS server designated by your internet service provider, but you can likely do better.


    Cloudflare offers a free DNS server along with its suite of web services, and it often appears at the top of lists of the fastest public DNS service.

    But Cloudflare’s DNS isn’t all about speed. Privacy protocols are built into the service — instead of using your browsing history to serve you ads, or sharing your behavior with other companies, Cloudflare deletes all data logs needed to run the service within 24 hours.

    Google Public DNS

    Google’s free DNS server is not only very easy to use, but is likely an upgrade over standard ISP servers in almost every regard. If you’re concerned about your data privacy, note that Google Public DNS only stores full IP address data for up to 48 hours, and only permanently stores a small, randomized sample of anonymous information for diagnostic purposes.

    Learn more about how Google uses your data, or check out our guide to downloading your Google data.

    Open DNS

    Along with low-latency connections ensuring lightning-quick page loads, Open DNS has comprehensive security features, including automatic blocks on phishing sites, and parental controls to restrict access to harmful web content. Reliability is another feather of Open DNS, as it’s one of the few DNS providers that boasts 100% uptime.


    CleanBrowsing is another highly rated DNS server that emphasizes family-friendly security features, including fully customizable filtering tools for blocking age-inappropriate content. With built-in anti-phishing and ransomware protections, CleanBrowsing is a great DNS choice for safety-conscious users.


    From the developers of award-winning antivirus software, Avast’s free DNS over HTTPS (DoH) service protects you from malicous websites and DNS-based attacks, such as man-in-the-middle and other spoofing attacks. You can set it up easily on popular operating systems and browsers, including Google Chrome.

    Why you should use different DNS servers

    Using the best DNS server is rarely a one-time solution. You may have configured your internet router’s DNS settings to suit your family needs, but what about when you take your phone, laptop, or tablet to work, or connect to public Wi-Fi?

    Your home DNS needs may differ from those outside your home, especially with regard to security, so you should consider using different DNS servers depending on the network you’re connected to. This is especially true when traveling internationally, since the speed and reliability of DNS servers can vary by region and country.

    Protect against router hacking

    The easiest way to protect your internet router from DNS hijackers is to change the default login credentials and use a strong, unique password. And change the name of your network, so that hackers won’t know what router model you’re using.

    And to further protect the devices on your network, use Avast SecureLine VPN, which will encrypt all your internet traffic so you can enjoy safe, secure, and totally private browsing, regardless of which network you’re on.

    Secure your internet and access content freely with Avast SecureLine VPN

    Free trial

    Secure your internet and access content freely with Avast SecureLine VPN

    Free trial
    Oliver Buxton