dns-server-setup VS doh-cf-workers

Compare dns-server-setup vs doh-cf-workers and see what are their differences.


Ansible playbook to easily deploy new, fully configured, DNS servers. (by AhaDNS)


DNS-over-HTTPS proxy on Cloudflare Workers (by tina-hello)
Our great sponsors
  • Mergify - Updating dependencies is time-consuming.
  • InfluxDB - Collect and Analyze Billions of Data Points in Real Time
  • SonarQube - Static code analysis for 29 languages.
dns-server-setup doh-cf-workers
5 30
54 222
- -
2.7 0.0
over 1 year ago 2 months ago
Shell JavaScript
GNU General Public License v3.0 only BSD Zero Clause License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.


Posts with mentions or reviews of dns-server-setup. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-07-22.


Posts with mentions or reviews of doh-cf-workers. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-06-10.
  • Public DNS resolver is blocked, way to bypass?
    3 projects | /r/mullvadvpn | 10 Jun 2023
    If Cloudflare Workers aren't blocked, you can use https://github.com/tina-hello/doh-cf-workers to forward to it, though it only work with DNS over HTTPS client (most desktop browsers, Windows 11, iOS, macOS, Intra on Android and YogaDNS on older Windows)
  • Ditching Normal DNS for Enhanced Safety: Zero Trust with DNS over HTTPS/TLS
    2 projects | /r/CloudFlare | 8 Mar 2023
    DoH is another game entirely, even if you import the known DoH domains manually, anyone including dedicated kids, can create their own DoH proxy in minutes.
  • Encrypted DNS, what's the point?
    3 projects | /r/privacy | 6 Mar 2023
    Even those who weren't interested in self-hosting might spend a couple of minutes hosting their own DNS proxy since it's much more flexible and don't require root or dedicated port (at least with DoH).
  • Stop devices from using other DNS to bypass AdGuardHome?
    4 projects | /r/AdGuardHome | 24 Feb 2023
    While you can in turn block those DoH servers (and probably block port 853 too to stop the default DoT & DoQ traffic), there are ridiculous amount of public DoH servers available, partly because of how easy it is to self-host AGH and expose the DoH endpoint to the public. Anyone can even create their own in minutes.
  • Android phones can't connect if I block port 853 on router to stop others bypassing NextDNS
    2 projects | /r/nextdns | 6 Jan 2023
    If you don't want to set up AGH at home or at a VPS, accept that the phones need to use the NextDNS/Nebulo/Intra/AdGuard app set to your NextDNS DoH endpoint while you block other providers, though this doesn't actually stop others from using their own/generic NextDNS, or even any provider if their DoH client support bootstrapping. Also, unless it's a seriously fancy router that analyzes traffic statistics, blocking DoH is merely using public list of DoH domains, anyone can create their DoH proxy which won't be blocked. Some routers have SNI filtering which can block websites regardless of the DNS used, but then you need to provide your own blocklist.
  • Subliminal Through Tor?
    3 projects | /r/linuxquestions | 24 Dec 2022
    That's probably SNI filtering, but try other servers from https://adguard-dns.io/kb/general/dns-providers/ and https://github.com/curl/curl/wiki/DNS-over-HTTPS/ just in case, or make your own proxy on https://github.com/tina-hello/doh-cf-workers
  • Zero Trust:Block other DNS over HTTPS/TLS
    2 projects | /r/CloudFlare | 8 Dec 2022
    If you want to go that route, keep in mind the entire Cloudflare Workers and Cloudflare Pages subdomains (workers.dev and pages.dev) can be used as free DoH proxy. Sure you can put the nuclear option, but it would break sites that do use them.
  • Filtering bypass.. I surrender? FEATURE REQUEST INSIDE
    3 projects | /r/nextdns | 5 Dec 2022
    A purely DNS-based solution is bound to be easily bypassed, it's really simple to bootstrap the IP so there's no need to even use the network/OS DNS to resolve the custom DoH domain, with hundreds of publicly known DoH and trivial deployment of DoH forwarder you're fighting a losing game.
  • The Best Blocklist!
    3 projects | /r/Adguard | 9 Nov 2022
    Laughs in deploying personal DoH. In general that's only useful if the user doesn't want to bypass (ie, browser's DoH auto upgrade), but when there's a will...
  • Blocklist for other DNS/DoH/DoT services
    2 projects | /r/nextdns | 30 Aug 2022
    There is some meager effort like this, but it's seriously trivial for one to create their own DoH proxy, or heck, just create their own NextDNS config. So even if you block port 853 (used by DoT & DoQ) and port 53 (unencrypted DNS), DoH traffic is simply unstoppable, yes there is traffic analysis, but with DoH3 it would be impossible to detect an innocuous-looking website serving regular traffic has a hidden DoH endpoint.

What are some alternatives?

When comparing dns-server-setup and doh-cf-workers you can also consider the following projects:

dnsproxy - Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support

Technitium DNS Server - Technitium DNS Server

Pi-hole - A black hole for Internet advertisements

ansible-adguard - Ansible playbook to setup AdGuard Home with Unbound, including DoH, DoT & Let's Encrypt, based on Docker

sdns - A high-performance, recursive DNS resolver server with DNSSEC support, focused on preserving privacy.


serverless-dns - The RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io

libcurl - A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features

Unbound - Unbound is a validating, recursive, and caching DNS resolver.

docker-cloudflared - Cloudflared proxy-dns Docker image

unbound-docker - Unbound DNS Server Docker Image

dcompass - A high-performance programmable DNS component aiming at robustness, speed, and flexibility