Mullvad VPN - Security audit of account and payment services

Quoting the report :

No critical, high or medium rated issues were identified during the penetration test and the overall security of the API is deemed good.


Please Mullvad, now we want DOH support for your Custom DNS Feature in all of your apps.

Doesn’t that already work?

This is their own DNS over HTTPS but I want to put an alternate dns server like NextDNS for example on the custom dns feature of their apps.

That might be bad for your privacy since it will make you stand out. Also there are literally no benefits to it.

1 Like

I understand your concern but I believe that enabling custom DNS-over-HTTPS with NextDNS is a good security practice that can help protect my privacy and security. While the VPN service may provide their own secure DNS resolver, I prefer to use NextDNS for my own reasons, such as its additional features or my familiarity with the service.

Enabling custom DoH with NextDNS does not necessarily mean that I am compromising the security of the VPN service. Instead, it allows me to further customize and enhance my own security and privacy on top of the existing protections provided by the VPN service.

Ultimately, everyone has different security and privacy needs, and there is no one-size-fits-all solution. As long as we make informed choices based on our own priorities and preferences.

1 Like

And why doesn’t that work with their DNS guide, can’t you not just replace their DNS with NextDNS?

You can only put IP adresses on the custom DNS feature…


I have sent an E-Mail to the Mullvad Team and a team member said that he has forwarded my feature request to their developers.

You can just change the DNS settings in your OS, or set the private DNS on your phone.