Avast Antivirus: Secure DNS - FAQs
Frequently Asked Questions
What is Secure DNS?
Secure DNS protects you against DNS (Domain Name System) hijacking when a malicious program redirects you from a URL with a verified IP address to a fake website designed to acquire any sensitive login information and credit card details you type. Secure DNS provides an encrypted connection between your web browser and Avast's own DNS server to ensure that the web page in your browser is the authentic one.
How does Secure DNS work?
Avast Secure DNS copies every web request made by your system and compares the IP address your internet provider offers to the IP address Avast Secure DNS offers.
One of the following three actions are taken:
- When IP addresses are the same, no change is made and the IP from your provider is used.
- If Secure DNS does not offer an IP address, the internet provider address is used.
- If Secure DNS offers a different IP address than your internet provider, the Avast IP address is used.
Does Secure DNS affect the speed of my web browsing?
Avast Secure DNS routes your connection using an IP address that is known and secure even if the route may be slightly slower. This slight decrease in speed can be caused by one or more of the following:
- There are some countries where Avast does not have a DNS server and accessing them from an external country can be noticeably slower compared to using the default DNS.
- The Avast IP may have a longer route to the same server than the default DNS IP address.
- Some providers, including corporate networks, have their own DNS servers which sort and handle DNS requests. These servers may have different, locally based IP addresses that differ from the global IP address and may load web sites faster.
- Some providers, including corporate networks, block or filter encrypted DNS requests which may slow down, or stop connections to Avast Secure DNS if the request waits for a timeout.
The following must be enabled for Avast Secure DNS to work:
- UDP - port 443
- UDP - port 53 with encrypted communication enabled
How can I turn Secure DNS off?
While we do not recommend turning off Secure DNS, we understand that some users may want to disable the feature for various reasons. Step-by-step instructions to disable Secure DNS are available in the following article:
Why does my Secure DNS status say 'Not available'?
While Secure DNS supports the same operating systems as Avast Antivirus, certain network configurations or policies may not allow you to control DNS settings. If your Secure DNS status says Not available, we recommend the following:
- Contact your firewall vendor to check that your network firewall allows UDP port 443, and that UDP port 53 allows DNS with encryption.
- Consult your network administrator or ISP to ensure your DNS settings are protected.
- Avast Premier 12.x
- Avast Internet Security 12.x
- Avast Pro Antivirus 12.x
- Microsoft Windows 10 Home / Pro / Enterprise / Education
- Microsoft Windows 8.1 / Pro / Enterprise
- Microsoft Windows 8 / Pro / Enterprise
- Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate