Private DNS Hosting — Encrypted, Zero-Log Nameservers

DNS queries reveal every website and service your domain connects to, creating a detailed map of your online infrastructure and, for visitors, a complete browsing history. Most DNS providers log this data extensively and share it with advertisers, analytics companies, and government agencies. Even encrypted HTTPS traffic is undermined when DNS queries are logged in plaintext.

Private DNS hosting addresses this vulnerability at the infrastructure level. AnubizHost's nameservers process your domain's queries without logging any metadata — no source IP addresses, no timestamps, no query types, and no response data. Your DNS infrastructure becomes a black box that resolves queries correctly without creating surveillance opportunities.

For website operators, this means your visitors' DNS queries to your domain cannot be harvested to build user profiles or track browsing patterns. For your own infrastructure, it means the relationships between your domains, services, and servers remain invisible to anyone monitoring DNS traffic at the resolver level.

AnubizHost supports DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) for encrypted query resolution, preventing ISPs and network observers from seeing which domains are being queried. These protocols wrap DNS queries in TLS encryption, making them indistinguishable from regular HTTPS web traffic and resistant to deep packet inspection.

Our DoH endpoint is compatible with all major browsers and operating systems, allowing your users to resolve your domain through encrypted channels without any special configuration beyond pointing their DNS resolver to our servers. For infrastructure use cases, our DoT endpoint provides the same encryption with lower overhead for server-to-server communications.

We also support EDNS Client Subnet (ECS) opt-out, which prevents our nameservers from forwarding any portion of the querier's IP address to authoritative servers. This further reduces the metadata available for tracking and ensures that DNS resolution reveals the absolute minimum information technically necessary to return the correct response.

All zone management operations — record creation, modification, deletion, and zone transfers — are conducted over encrypted channels. Our management dashboard uses TLS 1.3 with certificate pinning, and our API enforces HTTPS with modern cipher suites. Zone transfer operations (AXFR/IXFR) between our nameservers use TSIG authentication and encrypted transport to prevent interception.

If you operate your own primary DNS server and use AnubizHost as a secondary, zone transfers from your server to ours are authenticated with TSIG keys and encrypted in transit. This ensures that even if an attacker intercepts the transfer, they cannot read or modify your zone data. We provide detailed configuration guides for BIND, PowerDNS, NSD, and other popular DNS server software.

Our DNS management API uses token-based authentication with granular permissions, allowing you to create read-only tokens for monitoring systems and write tokens for automation pipelines. API tokens can be restricted to specific domains, record types, and operations, implementing the principle of least privilege across your DNS management workflow.

Setting up private DNS hosting with AnubizHost takes just a few minutes. Add your domain to our platform, point your domain's NS records to our nameservers, and begin managing your zone through our dashboard or API. We will automatically detect your existing DNS records and import them, minimizing the risk of disruption during migration.

Our free tier includes private DNS hosting for up to 3 domains with 1 million queries per month, making it easy to evaluate our service before committing. Paid plans scale from small portfolios to enterprise deployments with billions of monthly queries, dedicated nameserver instances, and custom anycast configurations.

Every plan includes our full privacy feature set: zero query logging, DoH/DoT support, DNSSEC signing, encrypted zone management, and nameservers in privacy-friendly jurisdictions. There are no privacy tiers or premium privacy add-ons. Every AnubizHost DNS customer receives identical privacy protections regardless of plan size.