Does NordVPN over Cloudfare DNS make sense? (with extras)

So let’s say someone received a passive-aggressive notification and phone call from their ISP, and they decided to start locking down their network traffic, because like a dummy, they didn’t do that, before.

Thinking about such a "hypothetical" situation got me thinking about connection transparency, so I started testing.

Starting at the Computer level, NordVPN gets installed. But according to the experts who know a lot better, a VPN isn’t good enough.

So going to the router’s IPv4 network settings, the default DNS is changed from the ISPs default DNS (which would have been clearly listed there on the router page), over to Cloudfare’s and

But does that make sense to do that?

As I was thinking about this setup, I wondered if it made sense to set the VPN at the router level, too (supports OpenVPN), but figured it would be easier (for a novice who doesn’t want to mess up router settings) to install the VPN’s provided software, instead.


As I browsed through Firefox add-ons, I noticed some that provide proxy support.

As I tested this thing on, it displayed back a DNS from a Cloudfare server, it showed an IP address from the country where the NordVPN connection was being served from, and it recognized that a proxy was being used (which it threw in with "Your IP addresses").

And WebRTC has been disabled in "about:config" with "media.peerconnection.enabled = false". HTTPS Everywhere and Privacy Badger are enabled, Tracking Protection is set to Strict, Do Not Track is on; DRM, search suggestions, accessibility, studies and reports are all off.

But since was able to recognize everything I set up, I get the feeling I’m still doing it wrong, but since all the information displayed was wrong, I get the feeling I’m doing it right. Right or wrong?

Oh, and even with all that, would it make sense to employ the "internet villain" DoH too, or would that overwrite other settings I’ve already set up? Or would it do nothing, since Mozilla employs Cloudfare for its DoH, anyway?


This post may be too convoluted and mucked up compared to other questions on StackExchange, but I assume most of you know better than I do.