Sidebar
  1. Home
  3. Security Policy

Security Policy

Effective Date: 20th January 2025

Last Updated: 1st May 2025

At UK DNS Privacy Project, we take the security of our services and users seriously. This Security Policy outlines the measures we take to ensure the safety and integrity of our DNS services.

Infrastructure Security

Data Centers: Our servers are hosted in secure, UK-based data centres with robust physical and network security controls.

Redundancy: We employ geo-redundant infrastructure to minimize downtime and ensure consistent availability.

Access Control: Access to our servers is restricted to authorized personnel only, with strict authentication mechanisms in place.

Encryption

DNS-over-TLS (DoT): All DNS queries using DoT are encrypted to protect them from eavesdropping and tampering.

DNS-over-HTTPS (DoH): DNS queries over DoH are secured using HTTPS protocols to ensure end-to-end encryption.

TLS Protocols: We use up-to-date TLS configurations and industry-recommended cipher suites to secure communications.

Personally Identifiable Information: We encrypt all personally identifiable information, including names, email addresses and IP addresses. Where we are unable to encrypt data for performance reasons then we use SHA1 hashes with a seed of the required data.

No Logging

As stated in our Privacy Policy, we do not log or store DNS queries or user data. This minimizes the risk of data breaches and unauthorized access to sensitive information.

System Monitoring

We continuously monitor our systems for unusual activity, potential threats, and unauthorized access attempts.

Automated alerts are in place to respond quickly to potential security incidents.

Incident Response

In the event of a security incident, we have a robust incident response plan to:

  • Identify and contain the issue promptly.
  • Mitigate potential risks and vulnerabilities.
  • Notify users if their use of the service is impacted.

User Responsibility

While we strive to provide a secure service, users are encouraged to:

Use secure configurations when setting up DNS-over-TLS or DNS-over-HTTPS.

Keep their devices and networks updated with the latest security patches.

Vulnerability Disclosure Program

We take security seriously and appreciate the efforts of the security community. If you discover a security vulnerability, please report it to us using the following methods:

What to Include in Your Report

When submitting a vulnerability report, please include:

  1. A clear description of the issue
  2. Steps to reproduce the vulnerability
  3. Potential impact assessment
  4. Any suggestions for mitigation

Our Commitment

We commit to:

  • Acknowledge receipt of your report within 2 business days
  • Provide updates on the progress of addressing the vulnerability
  • Not take legal action against researchers who follow responsible disclosure practices
  • Recognize your contribution on our Security Acknowledgments page (with your permission)

For further details on our security practices, you can refer to the RFC 9116 security.txt specification which we implement.

Continuous Improvement

We regularly review and update our security measures to adapt to emerging threats and maintain the highest standards of protection.

Contact Us

For any questions or concerns about this Security Policy, or to report a vulnerability, please reach out to:

Email: security@dnsprivacy.org.uk

Give us Feedback Support Our Project
Share Share Share Share
Our use of cookies
We use a session cookie to maintain your login state when you create an account with us. This cookie is essential for the operation of our website and is used solely for authentication purposes. For more information, please read our privacy policy.