To add to what the others have said, a VPN requires one end to authenticate to the other. Regular HTTP and DNS connections don’t.
If you need to access a service remotely, doing it over VPN requires the user to authenticate (to use the VPN).
If you simply expose the service publicly, even if the connection to it is encrypted, it doesn’t prevent random strangers from accessing it or trying to break in.
ruben