Your Data. Your Privacy. Your Choice.

DeCloudUs is a privacy-first, feature-rich, customizable DNS service built with you in mind. DeCloudUs lets you block anything you wish while by default protecting you and your family from ads, trackers, malware, phishing, malicious sites and much more.

Get Started

Privacy Control

Keep your DNS queries private and block all ads, trackers, phishing, and malicious sites without any hassle or computer science degree.

Full DNS Customization

Block or allow anything you wish with a click of a button using our custom filter lists (with 700,000+ domains) or write your own filter rules.

Parental Control

Create dedicated DNS profiles for kids and easily block adult content, social media, etc. You can optionally enable logs and monitor their activities.

Nothing to Install

There is no software or apps to install - just a simple DNS setting change on a browser, device, or whole network done in a few seconds.

What Makes Us Different

DeCloudUs was established to meet some basic needs that other DNS providers were not fulfilling. Here are the main basic principles that guide what we do.

Commitment to privacy

DeCloudUs is on a mission to help you take back your digital privacy and preserve your online security. Privacy and security is the foundation of everything we do.

Our DNS service operates with the "zero knowledge" principle in that our DNS servers have zero knowledge of who you are or what DNS queries you are submitting.

To manage subscriptions, we only need an email address; we do NOT keep your name, billing information, or payment information on our side. In fact, you don't even create a username and password with us.

In addition, unlike other privacy-touting DNS providers that are heavily built using "Cloud" and big tech services (using Cloudflare Workers, Google hosted services, Cloudflare proxies, Amazon loadbalancers, etc), we use hardware servers to self-host all of our infrastructure and services, including our own crypto payment processing. There are no other providers or cloud services used in our DNS servers whatsoever.

We take all these measures and many more to guarantee the absolute maximum level of privacy and security for our users.

Providing actual value

Our goal is to not just provide a great service, but to also provide great value. DeCloudUs aims to fulfill all of your DNS need.

With DeCloudUs, you get access to multiple DNS servers that offer different types and levels of filtering capabilities to suit any use case you have for all of your devices or even entire home network. Moreover, we stand behind our filtering and blocking rules and ensure we do not block legitimate sites or allow sites that should be blocked.

We are never satisfied with the status quo, as we believe we can always do better; so we are constantly enhancing our service and adding new features to give our users more value.

Full customization

DeCloudUs Custom DNS aims to give users unprecedented ability to fully control what to block or allow. This is not just by how many buttons available for users to click on, but by how flexible the underlying platform is and the customization capabilities it offers.

DeCloudUs DNS contains many customized settings that you are unlikely to find with other providers: from letting you specifiy DNS server locations to use, to using custom upstream servers, using wildcard (*) value to develop broader rules, blocking sites/services based on IPs they resolve to, developing DNS rewrite rules, giving you full control over multitude of site categories and services you wish to block or allow, and allowing each user to create multiple custom DNS profiles with different custom settings.

The way we see it, it is your DNS, so it is your choice to fully control all of its settings.

Treating others the way we want to be treated

We simply offer great customer service. Any subscriber that reaches out for support often receives a response within 24 hours or less.

We always welcome users' comments and feedback, which often guide the development of new features.

Don't take our word for it; go ahead and give us a try - it is free for 10 days!

Advanced Features

Enjoy the most flexible and advanced DNS configuration available on the market.

Multiple Customized DNS Profiles

Create multiple customized DNS profiles for different family members and devices. Each of the profiles can have completely different settings for what to block and allow. You can also create profiles that enable DNS logs and statistics.

DeGoogle, DeApple, DeMicrosoft, & Much More

DeCloudUs curates block lists with over 700,000 domains so that, with a click of a button, users can block Google, Apple, Microsoft, gambling sites, piracy sites, crypto-jacking, adult sites, social media sites, streaming services, and numerous other options.

Your Own Custom Blocklist & Whitelist

You can create rules with wildcard (*) at any place, use IP addresses in rules to block/allow any and all domains that resolve to these IPs, enter DNS rewrite rules to specify how your server responds to a particular domain query.

Optional DNS Statistics & Full Logs

By default, DNS servers keep zero logs. If you wish to monitor DNS activities, you can easily enable logs by creating a special log-enabled profile. You will be able to view comprehensive statistics and even access and download the full logs.

Even More Features

Fully Customizable

Control what sites and services to block or allow with just a few clicks, which can be used for Parental Control.

Ad Blocking

DeCloudUs DNS blocks ad banners, pop-ups, and video ads once and for all for all devices, apps, and browsers.

Privacy Protection

DeCloudUs DNS blocks a multitude of online trackers that monitor your activities and erode your privacy.

Malware Protection

DeCloudUs DNS blocks known malicious domains to help protect you against fraud, phishing, and malware attacks.

Speed Up Your Browsing

With all the ads and trackers blocked, your devices will only focus on displaying the content you want to view.

Secure & Encrypted

DeCloudUs only supports encrypted DNS protocols: DNSCrypt, DoT, and DoH for privacy protection.

No Big Tech

Our service is built entirely on open source. We do not use third parties or cloud services in our DNS servers.

Simple To Use

No additional software or apps needed, just a simple DNS setting change that can be done in a few seconds.


We offer a free server for all to use. Subscriptions offer more features to contributors and help fund the project.

Our Servers

Premium Plus subscription grants access to all servers listed below (including Custom DNS). Premium subscription grants access to Alpha, Zulu, and Echo. You can choose which servers to use based on your needs and your devices.

Fully Control What Sites and Services to Block or Allow

As a Premium Plus subscriber, you get access to a fully-customizable DNS server. You have full control over what sites and services to block or allow with just a few clicks. Create multiple custom DNS profiles, each with its own separate settings; use different custom DNS profiles for different devices or family members with different DNS filtering needs. Think of this as having your own, personal, private, ultra-secure DNS server in the cloud, except with no hassle.

As a baseline, the custom DNS server blocks all ads, trackers, malware, phishing, and malicious sites. By the click of a button, you can block all Google services, Apple services, Microsoft service, gambling sites, piracy sites, crypto-jacking, adult sites, social media sites, streaming services, etc. In addition, you also control your own custom blocklist where you can add any additional domains or subdomains you wish to block.

To make things even more customizable, you also control your own whitelist where you can specify domains or subdomains you wish to allow. Additionally, you can specify a custom upstream DNS server to use alternative DNS roots (such as OpenNIC), use/access decentralized TLDs (such as OpenNIC TLDs), or obfuscate the use of DeCloudUs DNS from fingerprinting.

The "Original" DeCloudUs DNS

Alpha DNS servers are the "original" DeCloudUs DNS Premium servers where Google services and tracking are completely blocked (to fully deGoogle/unGoogle your device or your entire life, if you wish). In addition, the servers will also block ads, online trackers, and known malware, phishing, and malicious sites. If you are committed to your online privacy, this is a great way to protect your privacy whether you configure it on your browser, your device, or even your entire network, you can rest assured DeCloudUs Alpha DNS is blocking sites and services that can compromise your privacy without your knowledge.

DeCloudUs Test Server (information in section below) is based on DeCloudUs Alpha DNS.

Keep Essential Google Services Running

Zulu DNS servers were built based on popular demand for "deGoogle/unGoogle light". Unlike Alpha DNS servers (that will completely block Google), Zulu DNS servers blocks most Google domains and tracking, but will allow some popular Google services to work, such as YouTube, Gmail, Google Search, Google CAPTCHAs, and Android App Notifications.

Basically, Zulu servers will allow some essential Google services to function that some people want to keep using; these services would track you and impact your privacy ONLY if you choose to use them; for example, Google search ( cannot track your searches unless you specifically and knowingly use Google search and the same goes for YouTube, Gmail, etc.

With that said, Zulu DNS servers will still block most other Google services that run behind the scenes on many apps and sites that track you without your knowledge or consent (like Google fonts, tag manager, etc). In addition, the DNS servers will also block ads, online trackers, and known malware, phishing, and malicious sites.

To see complete list of domains/services that Zulu DNS allows, please visit the whitelist:

Advanced Blocking For Ads, Trackers, and Malware

Echo DNS servers give you a simple yet powerful way to enhance your online privacy and security. Echo servers block ads (including Google Ads), trackers (including all Google trackers), and known malware, phishing, and malicious sites while leaving non-ad and non-tracker Google services and sites running. Echo DNS servers are best suited for devices or an entire home network where Google services are in wide use, but you still wish to enhance your privacy and online safety.

Premium and Premium Plus subscribers have access to multiple servers. So you can use different DNS servers for different devices depending on your privacy goals. Echo servers give you more flexibility and choices.

Get Started

The service is powered by community contributions. Test server is fully functional but not as reliable or capable as Premium servers. Premium Servers operate on the community-based principle that those who contribute to a service should be the ones who benefit the most from it.

Plans are currently up to 50% off!


Test Server
Free to use
Forever & Always
  • Supports DNSCrypt, DoT, and DoH
  • Most DeCloudUs DNS features
  • One location in Germany
  • Prone to downtime
  • Throttled. Slow with high usage
  • One server based on Alpha DNS
  • Ideal for trying the service
  • One DNS profile for all users
  • No option for DNS statistics or logs
  • No DNS customization available


Echo Alpha Zulu
$0.99 $0.49/month
When Billed Annually
  • Supports DNSCrypt, DoT, and DoH
  • Most DeCloudUs DNS features
  • Choice of global locations
  • 100% availability target
  • No throttling. No limits
  • Multiple server options
  • Ideal for basic DNS Needs
  • Pre-configured profiles for all users
  • No option for DNS statistics or logs
  • No DNS customization available

Premium +

All Servers + Custom DNS
$1.66 $0.99/month
When Billed Annually
  • Supports DNSCrypt, DoT, and DoH
  • All DeCloudUs DNS features
  • Choice of global locations
  • 100% availability target
  • No throttling. No limits
  • Multiple server options
  • Ideal for all of your DNS needs
  • Create multiple custom DNS profiles
  • Option to keep DNS statistics and logs
  • Full DNS Customization

We offer 10 day free trial with no payment required until the trial period is over. To start free trial, please provide a valid email address. After confirming your email address, you will automatically receive an email with your access details for Premium or Premium Plus, based on your choice. During your free trial, you can subscribe if you wish to continue using the service. After the trial period, you will automatically be billed per the subscription agreement you select. Below are the payment methods we support. If you do not subscribe during free trial, your account will be automatically removed after the trial is period ends. You can cancel and delete your account at any time. You can find DeCloudUs full terms here.

Frequently Asked Questions

These are the commonly asked questions we receive. Please give them a look as they will address a few more topics that were not mentioned above. If you have another question, please feel free to contact us.

  • We receive many inquiries about how DeCloudUs DNS uses other "cloud" or "big tech" service providers in the DNS service. These inquiries often cite other privacy-touting DNS providers that use Cloudflare Workers, Google hosted services, Cloudflare proxies, Amazon loadbalancers, etc. The answer to that question is simple, there are no other providers or cloud services used in our DNS servers whatsoever.

    First, unlike other providers, we are fully transparent about the third parties DeCloudUs uses, in any way, in our "User Agreement and Privacy Policy" page (there are none for DNS servers). In short, we self-host all of our servers. We do not use "cloud" servers; rather, we lease hardware servers from data centers and we then install and manage all componets: firewall, Operating System, web server, DNS server, etc. While this is indeed more complex and more expensive than using "cloud" providers to deliver our service, it is the only way to guarantee optimal privacy and security, since we are in control of the DNS traffic and we do not trust it to any other provider. If we were to use Cloudflare Workers or proxies for example, Cloudflare would then, likely, be able to see unecrypted DNS queries/traffic coming from your IP address. That would never be OK with us; after all, what is the point of using a privacy-focused DNS service when all DNS traffic is handled by a third party provider that may have different privacy policies that the DNS service does not control?

    To conclude, we are committed to your privacy and security as outlined in our privacy policy. One of the main reasons behind our service is to "decloud" and take charge of our data and privacy from large tech companies that control most of the Internet. For us, building our DNS service on the top of other cloud services is simply not an option.

  • The short answer is no and no. There is no DNS query/request limit and there is certainly no limit on the number of devices you can use DeCloudUs DNS on. You can set up DeCloudUs DNS on as many devices as you wish, for you and your family in the same household.

  • As a baseline, every DeCloudUs DNS server provides "Privacy by Default" and "Security by Default" that collectively block over one million domains:

    Privacy by Default: all DeCloudUs DNS servers block all known ads, trackers, analytics, and web beacons domains from anywhere (the ones you see and the ones behind the scenes). This also includes device-specific trackers for a wide variaty of popular devices such Samsung, Apple, Microsoft, Google, Roku, Xiaomi, etc. These domains compromise your privacy and track your activities across the web to the profit of the companies using them. They provide no value and no benefit to you, so blocking them will not negatively impact your online experience. In fact, by blocking these domains, in addition to privacy protection, your online experience will be significantly enhanced by eliminating annoying ads and speeding up your browsing.

    Security by Default: all DeCloudUs DNS servers block a wide variaty of malicious sites that are used for phishing, spam, and spreading malware. DeCloudUs DNS uses various Threat Intelligence feeds to obtain the most up-to-date data on active malicious sites every day. In addition, DeCloudUs DNS is capable of blocking domains based on the IP address they resolve to; DeCloudUs blocks 1000s of malicious IPs, which in return blocks unlimited number of malicious domains that resolve to these IPs. While you should always remain vigilant of malicious sites, DeCloudUs DNS will help you stay safe online.

    DeCloudUs DNS supports encrypted DNS protocols: DNS over TLS (DoT), DNS over HTTPS (DoH), and DNSCrypt in order to keep your DNS traffic private and secure. In addition, DeCloudUs keeps no DNS logs to ensure that no one can see what DNs quries you are submitting.

  • Using DNS-based proxy (SmartDNS) comes with a grave privacy cost to you as the user. Providers of such service have to store/log your IP address in order for the service to work properly, since the IP address will be used to authenticate the user to the proxy service. This is something that you can confirm by reading the privacy policies for such providers. From our perspective, that's too much information to store and directly counters the mission of providing users more privacy; we never store/log user IPs for our service and, in fact, we purposely architected our service in a way to make that not possible.

    A better option would be to use a standalone VPN or HTTP Proxy service because they would not need to store/log your IP address. You can certainly use DeCloudUs DNS in combination of standalone VPN or HTTP Proxy to achieve your privacy goals. We would recommend using VPN and HTTP Proxy providers with solid privacy-focused policies.

  • You can fully control what sites and services to block or allow with a few clicks when using Custom DNS, including blocking adult sites, social media sites, streaming services, and much more. You can also manually add additional domains and subdomains to be blocked or allowed. This gives ultimate control over your online privacy and security and makes for a great Parental Control tool, if you need it.

  • Yes, it absolutely is! DNS level blocking can actually be more effective in blocking all these things and much more. With DeCloudUs DNS, unlike other content blockers, there is no additional software or apps to install - just a simple DNS setting change. Once your device, system, or home network is configured to use DeCloudUs DNS, you you have complete control over what to block or allow in a very thorough and granular way. For example, if you configure a device to use DeCloudUs with deGoogle, deApple, or deMicrosoft option enabled, DeCloudUs will block all these services from running anywhere on your device - in places you see and you don't see - within the Operating System, mobile apps, or browser.

    The same applies to anything DeCloudUs blocks, based on your settings, from ads, trackers, phishing, malware, adult sites, Google, Apple, Microsoft, social media sites, streaming services, etc. And due to the flexibility of DNS-based blocking, you can use it selectively for a browser, for an entire device or system, or for an entire network. You can also use different DeCloudUs DNS servers on different devices per your needs.

    Best of all, don't take our word for it.. go ahead and try for yourself how effective DeCloudUs DNS can be for your own needs! We offer a 10-day free trial for our Premium Plus, so you can get access to all of our servers risk-free.

  • Using a custom ROM or mobile operating system that respects your privacy is good solution. Rooting your phone to remove Google services can also work well. However, there are a few reasons for why that would not be possible:

    • You have a work phone that you cannot root or load custom ROM on
    • Your existing phone is not supported by deGoogled/unGoogled custom ROMs (and you cannot afford to get a new phone).
    • You do not have the technical knowledge to root your phone

    In such cases and others, deGoogling your phone via DNS block is a good alternative.

    Also, even if you have a custom ROM or rooted phone, Google and many other trackers will still run as it is embedded within many apps and sites. So you may still need a solution that will block Google, trackers, ads, and known malware sites.. like DeCloudUs DNS.

  • Yes, absolutely DeCloudUs can help! It is completely understandable that deGoogling is not for everyone. DeCloudUs can still help you achieve more privacy and security online with no impact on your favorite Google services. DeCloudUs offers Echo DNS Servers and Custom DNS Servers exactly for that purpose.

    Echo servers block all ads and trackers (including Google ads and trackers), but allow most Google consumer and business services to still work. Echo servers will improve the quality of your online experience by blocking annoying ads on browsers and within mobile apps, which will speed up your browsing. Echo servers will also enhance your privacy by blocking trackers that run in the background without your knowledge; these trackers serve no real purpose other than being used by ads and marketing companies to gather more and more information about what you do online. Consumer and business services (that are not ads or trackers) offered by Google and other companies will work perfectly fine with Echo servers.

    In addition to Echo servers, Premium Plus subscribers have access to Custom DNS servers. Using Custom DNS, you are in complete control for what to block or allow. As a baseline, Custom DNS will block all ads and trackers (including Google ads and trackers) and malicious websites. You can then specify other services or websites you wish to block to further enhance your online privacy based on your needs.

  • We only use secure DNS protocols, that's why DeCloudUs DNS supports popular secure DNS protocols: DNSCrypt, DNS over TLS (DoT), and DNS over HTTPS (DoH). DeCloudUs does not support plain DNS (where you use a IP address) as your DNS traffic would not be secure or private, which counters the mission of using a privacy-focused DNS service.

    You can use DeCloudUs DNS on any device or software that supports DoT, DoH, or DNSCrypt, which is fairly wide-spread nowadays. If your network device/router does not support encrypted DNS, you can set up secure DNS directly on individual devices that you wish to secure (mobile devices, laptops, browsers, etc). Alternatively, you can install additional software on your network to extend secure/encrypted DNS to your entire network (such DNSCrypt or Stubby).

  • DeCloudUs DNS only supports secure and encrypted DNS protocols (DoT, DoH, DNSCRYPT). So there is no option to use the typical, cleartext DNS over port 53, which is what your VPN provider expects by asking for direct IPs. As stated in FAQ above, using cleartext DNS (just the plain IP address) is vulnerable to multitude of attacks that can compromise your security, even if you do it in combination with VPN.

    For OpenVPN in general (which is what most VPN providers use), it is possible for VPN tunnel to use your device's DNS settings so you do not have to configure DNS IPs with the VPN provider. For mobile phones, for example, Private DNS option is set to use DeCloudUs DNS in android settings, as outlined in How-To section. Most VPN proivders allow you to download a VPN client profile to modify and use on other OpenVPN apps (like the official OpenVPN app). The OpenVPN client profile you use from the VPN provider doesn't have any parameters regarding DNS settings. DNS queries are then handled by DeCloudUs DNS, while the tunnel is up and running.

    This can also work the same way on other devices such as tablets, PCs, etc; simply configure the device to use DeCloudUs DNS directly (as outlined in the How-To section) and do not configure DNS settings for OpenVPN; at that point, the device would use its own DNS settings (i.e. DeCloudUs secure and private DNS) to resolve DNS queries while also tunneling the traffic to your VPN provider.

  • Yes, you certainly can! You can set DeCloudUs DNS as your upstream DNS resolver for AdGuard, pfSense, Pi-hole, OpenWrt, DNSCrypt-Proxy, etc. DeCloudUs DNS supports DoT, DoH, and DNSCrypt, so you have many options to choose from depending on what secure DNS protocols your device supports.

    Note regarding AdGuard Home: when adding DeCloudUs Alpha or Zulu in the upstream server settings and clicking the "Test Upstream" button, you may see an error saying it cannot be used. Simply ignore this and just click "Apply" button to save and apply the settings; you will see that AdGuard Home works just fine with DeCloudUs DNS as upstream server . The reason this happens is becuase AdGuard Home is testing whether the upstream DNS server is working or not by resolving "". DeCloudUs Alpha and Zulu (which are used for DeGoogling, blocking trackers, ads, etc..) return for (as opposed; solely based on that, AdGuard Home displays an error when clicking the test button; so it is safe to ignore that error and simply save your settings and AdGuard Home will start using DeCloudUs with no issues. DeCloudUs Echo servers do not cause this error with the test button in AdGuard Home becuase Echo servers are only for blocking Ads, trackers, phishing, malware, and malicious sites.

  • DeCloudUs DNS is NOT a custom software. DeCloudUs DNS is a service comprised of DNS servers, resolvers, and recursors. DeCloudUs DNS server components are built SOLELY using open source software: Debian OS, Nginx, Encrypted DNS Server,, etc), so there is no need for Github or Gitlab repo to share DNS server source code. What makes DeCloudUs DNS unique is how we fit all these open source components together in a way to deliver personalized DNS customization along with the advanced block/filtering lists to deGoogle, deApple, deMicrosoft, block ads, adware, trackers, known malware sites, adult sites, social media sites, etc, in addition to our unwavering policies regarding privacy and security.

  • If you are a Premium Plus subscriber, you can create a log-enabled DNS profile that will allow you to view all DNS queries and their responses.

    If you do not have a Premium Plus subscription or you do not wish to create log-enabled profile, there certainly are many other ways for you to see DNS query logs from your side (client-side). Here are some examples:

    Troubleshooting Tool: DeCloudUs DNS provides a troubleshooting tool for Premium and Premium Plus. The Troubleshooting tool allows to enter any domain or subdomain and then immediately tells you if it is blocked or not.

    Browser Developer Tools: When accessing a web site, to find what domains or subdomains are blocked when visiting this site, you can use browser Developer Tools network monitor (such as Firefox for example First, you set the browser DoH to use DeCloudUs DNS (as outlined in the How To section). The network monitor will show a "Domain" column and "Status" column when you visit a site; if a domain is blocked by DeCloudUs DNS, the status for that domain will be empty/null; if a domain is not blocked, it will have a status of some sort. This allows you to easily identify what is being blocked when visiting a particular site/page.

    Encrypted-DNS Client Apps (that show client logs) If you wish to view DNS logs associated to a mobile device or mobile app, there are many DNS client apps that support encrypted DNS that will show you detailed information about your DNS queries. For example, InviZible Pro (for Android) and DNSCloak (for iOS). While mobile devices have native support for encrypted DNS and DeCloudUs DNS can (and should) be configured directly on the device, if you have a need to see the device DNS queries, you can install such a DNS client app and configure it to use DeCloudUs DNS; this will allow you to see full details for your encrypted DNS traffic.

  • Please contact us and we will certainly look into it. Please let us know the following:

    • The exact URL that should or should not be blocked (otherwise it will be a wild goose chase!)
    • The server you are using (DoT/DoH URL or DNSCrypt stamp).

  • We can certainly look into it to see if it is possible. Here are the general guiding principles to follow for whitelisting subdomains on Zulu DNS servers:

    • It must be targeted whitelisting (for example, only one or two subdomains are needed for the requested service to run).
    • It cannot be a core Google subdomain used in many other services (for example,,, etc).
    • It must not have a large impact on user privacy, espeically if it is a Google service that runs in the background without a user knowing (for example,

    If your request follows these general principles, please contact us. Zulu whitelist is published here for all users to see: Otherwise, you are also free to fully control and customize your own deGoogling experience via Custom DNS.

  • The fastest way is to do a "DNS Leak Test" via an online tool such as Here is what you should see:

    • For DeCloudUs Test DNS server, you should see IPs that belong to OpenNIC project. We recently decided to use OpenNIC alternative root DNS system for Test server. OpenNIC root DNS gives access to more TLDs not part of the standard DNS root.
    • For DeCloudUs Alpha, Zulu, and Echo servers, you should see resolver Hostname "", which is our internal, super fast, ultra secure recursor resolver.
    • For DeCloudUs Custom servers, you should see resolver Hostname "" by default. However, you can change "Upstream" resolver via custom server settings; so if you made a change, you should see the Hostname and IP of the DNS resolver of your choosing.

Try DeCloudUs DNS For Free Now

See for yourself how DeCloudUs DNS can help you take control of your privacy, security, and your online activities.

Sign-up today for a 10-day free trial.