Indeed, you have indeed heard this statement. However, I have managed to eliminate that issue, and we no longer utilize plain DNS 53 on our network. Our network is functioning successfully.
Currently, my DNS query indicates that all our DNS servers are encrypted using DNS Over TLS.
Today, I turned off the DNS port 53. Since we have been cutting off our store’s DNS server, it has been a DNS amplification attack. So I found out that my Router does have a DNS Proxy, My DNS Server does have HTTP over TLS and DNS-over-HTTPS. Everything is working and attacking is currently stopped after I set up 853 port encryptions and disable Plain DNS. I also want to keep my stores safe.
My router has a DNS Proxy option, so I added my DNS IP Server,
Then I have gone to Wired Networks → LAN, then go to Admin
If you change DNS Server to your DNS, please change to Auto So DNS Proxy to do the job.
Now we have an encrypted DNS over TLS.