this post was submitted on 02 Oct 2023
144 points (96.2% liked)

Privacy

39405 readers
629 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] IrrerPolterer@lemmy.world 33 points 2 years ago (3 children)

Pi Hole with a few good block lists...

[–] IrrerPolterer@lemmy.world 8 points 2 years ago (5 children)

Also using this on the go through VPN

[–] watson387@sopuli.xyz 6 points 2 years ago
load more comments (4 replies)
[–] pacology@lemmy.world 3 points 2 years ago (2 children)
[–] IrrerPolterer@lemmy.world 13 points 2 years ago (1 children)

Out of the box, pihole has a few block lists already set up. Those are pretty good already.

To add more, you can find some good block list collections online. No need to add them all. Pick a good handful, depending on the category of stuff you want to block. Here are some helpful links:

https://firebog.net/

https://github.com/lightswitch05/hosts

... Once you got a few block lists set up, you'll probably want to whitelist some things specifically, that are otherwise caught up in the filter. This is a super helpful resource for that:

https://discourse.pi-hole.net/t/commonly-whitelisted-domains/212

[–] LazerDickMcCheese@sh.itjust.works 3 points 2 years ago* (last edited 2 years ago)

There's a script on github (don't have the link right now) for an automated whitelist. I was expecting it to break some things or end up useless, but it was the perfect addition for me Edit: https://github.com/anudeepND/whitelist

load more comments (1 replies)
[–] user224@lemmy.sdf.org 26 points 2 years ago (1 children)
[–] Platform27@lemmy.ml 26 points 2 years ago* (last edited 2 years ago) (1 children)

Adguard Home. I find it to be more feature complete, compared to Pi-Hole. Nicer GUI, more options, built in DNS-over-HTTPS/TLS, better client controls & detection, more domain information, better domain list blocking, and so on.

I moved from NextDNS, to Adguard Home. All self hosted, and accessed with a reverse proxy.

[–] American_Jesus@lemm.ee 8 points 2 years ago (4 children)

Same, used NextDNS and Pi-Hole then move to AdGuard Home til today.
Built-in (DoH, DoT,...) servers are useful and simple to setup with client identification.

load more comments (4 replies)
[–] EmhyrVarEmreis@lemm.ee 19 points 2 years ago

Adguard home for everything

[–] Imprint9816@lemmy.dbzer0.com 13 points 2 years ago (7 children)

Pi-hole for my home network. NextDNS on my phone.

load more comments (7 replies)
[–] zwekihoyy@lemmy.ml 13 points 2 years ago* (last edited 2 years ago) (1 children)

nextdns is the most performant option I've used. it often beats our cloudflare even. adguard wasn't bad but it was a bit more cumbersome and very slow.

I don't like recommending self hosting as opening ports on a private network isn't a great idea. you could use something like cloudflare or tailscale to bridge access but you'll run into issues with network speeds.

[–] spudwart@spudwart.com 4 points 2 years ago (2 children)

opening ports on a private network is fine as long as you exercise a sane amount of security measures.

load more comments (2 replies)
[–] possiblylinux127@lemmy.zip 12 points 2 years ago

I just use ublock origin

[–] Anticorp@lemmy.ml 10 points 2 years ago

NextDNS. Easy, free, and effective.

[–] ShellMonkey@lemmy.socdojo.com 9 points 2 years ago

Adguard home with a few extra lists and custom rules. Just got the sync tool set up to auto replicate changes from one to another so no more copy/paste to a secondary. Great when I need to restart a VM and don't want to take out the internet while it reboots.

Used pihole some while back but the feature list was tiny by comparison, though it was a good while back so probably unfair to compare.

Also ran with pfBlocker for a while, nice to have it right on the gateway but found it a bit opaque and lacking customization for my needs.

[–] chaklun@lemm.ee 8 points 2 years ago* (last edited 2 years ago)

What about Mullwad dns

[–] vox@sopuli.xyz 8 points 2 years ago

nextds, feels almost like a pihole but unnecessarily crippled in some ways, which don't really matter to me.

[–] toxicyeti@sh.itjust.works 7 points 2 years ago* (last edited 2 years ago) (1 children)

Adguard home for everyone in the house. Externally I just use ublock Origin and Cloudflare's DoH.

[–] jeanofthedead@sh.itjust.works 6 points 2 years ago

NextDNS. Several years now. It’s absolutely brilliant.

[–] drwho@beehaw.org 6 points 2 years ago

Specifically DNS? I have a Pi-Hole on my home network that is configured as a recursive resolver, and a second Pi-Hole on my personal VPN server (same).

[–] shortwavesurfer@monero.town 5 points 2 years ago

Controld.com

[–] Shape4985@lemmy.ml 4 points 2 years ago
[–] Rooki@lemmy.world 4 points 2 years ago (1 children)

Just use pihole the rest is just a honeypot

[–] fluffery@lemmy.ml 4 points 2 years ago (5 children)
load more comments (5 replies)
[–] hellequin67@lemm.ee 3 points 2 years ago* (last edited 2 years ago) (1 children)

I use two across different devices.

base.dns.mullvad.net

noads.libredns.gr

Both offer DNS over TLS and both are privacy focused which was why I decided to use them.

[–] Contort3860@links.hackliberty.org 4 points 2 years ago (1 children)

Does DNS over TLS have any advantages over DNS over HTTPS?

[–] hellequin67@lemm.ee 7 points 2 years ago (1 children)

Not really and some would argue that from a local network perspective HTTPS is preferable.

The main difference is that HTTPS routes through a standard port so gets "lost" in all other Https traffic whereas TLS uses a distinct port so whilst it's encrypted you would be able to see at the local level that you're using DNS over TLS but not what you're doing.

load more comments (1 replies)
[–] lckdscl@whiskers.bim.boats 3 points 2 years ago

Adguard Home on the homelab, with my router set to use it as DNS, alongside Tailscale with Headscale on top to reroute all traffic through the home network so that ad blocking works all the time, on all devices that can use Tailscale, and also away from home.

[–] Melody@lemmy.one 3 points 2 years ago

I use Adguard because it's pretty reliable and solid.

I would love other options but I haven't found many that rival Adguard. I'm very picky about DNS because frequently services that I use can detect them and most free providers do nothing to alleviate blocking.

[–] Samsy@lemmy.ml 3 points 2 years ago

If you are the "VPN to home, always on" user, go for pi-hole.

Adguardhome has it's strengths when it comes to DoH, DoT, Quic usage.

[–] craigevil@lemmy.ml 3 points 2 years ago

NextDNS, plus Ublock Origin on any web browser.

[–] umami_wasbi@lemmy.ml 3 points 2 years ago* (last edited 2 years ago)

Blocky installed locally as a service for my PC https://github.com/0xERR0R/blocky

RethinkDNS for my phone https://rethinkdns.com/configure

[–] lemonuri@lemmy.ml 3 points 2 years ago

I use the Adblock plugin on an openwrt router to provide blocklists for the whole lan. It works rather weell.

[–] droidpenguin@lemmy.world 3 points 2 years ago

PiHole with the Star Trek web UI theme. I think it looks pretty nice and has worked well for me.

[–] Turbo@lemmy.ml 3 points 2 years ago

Pihole. Default block lists

[–] ioslife@lemmy.sdf.org 3 points 2 years ago

I couldn’t get AdGuard Home working properly on my server, so I have been using NextDNS.

This is a good reminder to attempt to get it set up again

[–] varaki@lemm.ee 3 points 2 years ago* (last edited 2 years ago)

I'm using controld dns, the oisd full version, legacy dns on the home router and as a private dns on android. I've tried multiple combinations, but this one has a sweetspot for both blocking and usability.

load more comments
view more: next ›