does not filter content if queries are made via DoT (DNS over TLS)

based on my test the Cloudflare DNS (No Malware or Adult Content) does not make Adult Content filter if the DNS query is made in DoT (DNS-over-TLS).
So, if I query via UDP port 53 (normal DNS) the Adult Content filter works (I tried www.youporn.com and the answer was
But if I query via TCP port 853 using DoT (DNS-over-TLS) and I lookup for www.youporn.com I have the correct IP of www.youporn.com.

Is it normal?
If yes, when will works with No Malware or Adult Content also for DoT (DNS-over-TLS)?
Thank you.

DoT is not currently supported for Cloudflare for Families.

1 Like

Thank you.
Any plan for implementation?
I hope also and will soon supports DoT and DoH also to benefit of “Android Private DNS” feature.


1 Like

If you’re looking to block adult content while adding security, such as & secure DNS, take a look at Clouldflare for Teams. I’m using a similar setup as listed in the blog post below.

It’s been good so far though it’s still pretty new.

1 Like

Thank you for your suggestion but for now I prefer to wait that Cloudflare will implement DoT also for and needs to stop answering dot queries until this is implemented so Android automatic private DNS stops automatically disabling filtering.

1 Like

+1 Is this going to be impemented? Like, ever?

1 Like filtering over DoT would be awesome +1

1 Like

Any news to support DNS over TLS (DoT) for Cloudflare DNS for Families ( and, and and ?

Hi, we’re actively working on implementing this over the next month or so. Expect this to ship in Q4.


That’s good news. Are CloudFlare planning on changing the DNS-over-TLS URLs to something more sensible at the same time?

1dot1dot1dot1.cloudflare-dns.com” is pretty horrendous. It’s terrible to read, too long and prone to typing errors when manually typing it in to a phone.

one.one.one.one” also isn’t particularly great; it isn’t going to scale well with “ for Families”, as .two and .three aren’t TLDs.

I think it’s something that CloudFlare need to sit down and think hard about now – before DNS-over-TLS and DNS-over-HTTPS become more mainstream and changing it later will be a PITA. Even the following is more readable than what’s currently being used:


Or are you possibly planning on using the same format for DNS-over-TLS that you use for DNS-over-HTTPS? I.E.


Bingo–same format for DoT that we use for DoH. Looking forward to getting this supported this quarter.


This is great news. Can’t wait for this!

I’m very interested in this feature too!

Please keep us posted! :pray:

Hello @pzimmerman
Any news? Q4 is going to terminate soon :smile:

DoT was released

Hmm, 1dot1dot1dot3.cloudflare-dns.com refuses to connect on my Android?

The updated page https://developers.cloudflare.com/ doesn’t mention or

Or you could create a new page for DoT/families similar to https://developers.cloudflare.com/ (DoH/families).

Also, https://developers.cloudflare.com/ should be updated.

Yes, I confirm, DNS for Families works also with DoT.
Tested queries to (on port 853) with unbound DNS Server.
Thanks Cloudflare!!