AdGuard

AdGuard Home

AdGuard Home is the next step up when it comes to blocking ads, trackers and all the other nasty BS what haunts the interwebs! We have nextDNS covered as a possible cloud solution, we have an in-house solution with Pi-hole and now we have a look at an open-source solution that I use personally.

Why AdGuard Home over Pi-hole I hear you ask? Well, there are a few things I will point out, let's start with the setup!

First you need a Raspberry Pi

Then you need the OS

Then go to https://github.com/AdguardTeam/AdGuardHome

Chose the Raspberry Pi solution

(or any other solution if you don't have a Pi)

Getting Started: 

https://github.com/AdguardTeam/AdGuardHome/wiki/Getting-Started

The guide is pretty easy to follow; therefore we've just linked it. Once you have set up AdGuard Home, the first thing you do after log in is to go to: 

DNS Settings

Settings --> DNS settings

In the Upstream DNS servers you'll find Quad9 servers pre-defined! Use or replace them with:

adblock.doh.mullvad.net (ad-blocking version)

doh.mullvad.net (Without ad blocking)

Note: You can use any other DNS or Upstream DNS server

DNS Server List

As you see here, the 'out of the box' AdGuard Home gives you the option for DNS-over-TLS and DNS-over-HTTPS vs Pi-hole, which doesn't do 'out of the box'.

Bootstrap DNS servers also have Quad9 servers as a fallback in case the encrypted servers don't work. Again replace these with any other trusted provider.

Block Services

Settings --> Client settings let you set blocking services on specific devices.

This means that when you have, for example, an iPad you like to use with YouTube and all other devices have YouTube blocked, you can make this service available for just that one device, another unique feature vs Pi-hole.

Sticking with this feature you can also block Facebook, WhatsApp, Instagram, Twitter and a few others with just one click!

As for filters, I've added every single filter listed on the hostfile list, just because AdGuard Home is powerful enough to handle them all. I can just whitelist in case I've blocked something that might be needed!

The Query Log is just as powerful as on Pi-hole!

You can manually block or unblock requests on this page If you decide to run AdGuard Home on the cloud, the setup is as easy as on the Raspberry-Pi. However, you can do something pretty powerful and unique by setting up your own encryption and domain.

In other words, host your own DNS-over-HTTPS and DNS-over-TLS server. You can find and set up this feature on Settings --> Encryption Settings

Finally, if you click on the setup guide at the end of the navigation section, AdGuard Home guides you through a super easy 'how to' guide on connecting your router, Windows, MacOS, Android, iOS or DNS Privacy setup.

I really enjoy AdGuard Home and can recommend it for use by anyone and everyone!

AdGuard Mobile

If you want to step things up 'on the go', and are willing to spend some money, iOS and Android both have you covered with AdGuard, which is not just a DNS, but also a firewall. Moreover, you can add blocklists, local and at the DNS level, with the app. This is where most DNS tools end.

However, NextDNS is also excellent, especially when you're just getting started with blocking ads and setting up a DNS which just works in the background.

iOS

AdGuard does allow you, in iOS, to select ads (in case they are not blocked yet) and block them in the future. This, sadly, only works on Safari. 

However, AdGuard can block system-wide via DNS settings:

AdGuard → DNS protection → DNS Filter

This is great and makes iOS a much better experience, with less telemetry, and you can even block Apple telemetry that way. I combine AdGuard with iVPN or ProtonVPN, and it is a solid setup.

Android

On Android, you have many options to lock down your system, two of the best are undoubtedly RethinkDNS and AdGuard.

With AdGuard, you can block ads, malware and use a local blocklist and/or a DNS level encryption/with blocklist. On top, you can just close down access to every single app, except the ones you need online, like your messaging apps, Mastodon, your browser etc. but keep the rest offline. Ever ask yourself why a calculator needs internet access? Your keyboard should not have any! Your Gallery app, or even your camera? I do, and I really don't want them to be online. So, once more, a firewall is a must.

Yet again, this is where AdGuard comes in. I recommend the APK from the AdGuard website and not even the F-Droid version, it seems to be a bit behind. The VPN APK (optional) is also on github, but you need to scroll a bit to find it. Could have linked it like the AdGuard app, but for some strange reason, AdGuard chose to only link the PlayStore app on the page. I have contacted them, and hopefully, they'll link the APK soon directly on the homepage.

AdGuard, unlike on iOS, has a built-in firewall as well. This gives you the power to allow access to the apps you need online and closes down every app which doesn't need to be online. Additionally, you can choose if the apps are online on Wi-Fi and Cellphone data, or just one of those, or even none. You can also select if this online activity can be online only when the screen is on, or also when the screen is off.

AdGuard → Settings → Apps Management

Go over every app and choose if you want that app to go online on WiFi, Cellphone or not even when the screen is off! This is an incredible feature to have, and it is also a super spy saver as Samsung routinely connects apps like Camera and Gallery to var.samsungapps.com or samsung.com.cn

We see no reason for this, and can't think of any. Sure, Samsung might claim they are checking to see if you need an update, but shouldn't that be done in the store or via regular updates? So why, when you are taking a picture or recording a video or looking through existing pictures, does this need to happen...again we can't see why! So just take this off the table and block internet access to the Camera and Gallery apps!

These features are also possible on RethinkDNS, TrackerControl and NetGuard, so these apps have you covered as well, and that's for free in RethinkDNS's and TrackerControl's case or in the paid version on NetGuard (which you should download via APK from the original developer, as the F-Droid and Google Play versions have fewer features.) 

However, back to AdGuard, which has way more features than in the iOS version including a Stealth mode, which is worth customizing to your needs. Just like on iOS, you can block locally and via DNS. You can add your own blocklists, via DNS level protection, which is brilliant!

Block directly at a DNS level

Click on AdGuard → Settings → DNS Filter

Select the DNS server you like, or add your own

Click on DNS request blocking and add any of your recommended lists.

Use the same lists on AdGuard → Settings → Content Blocking → Filters → Custom Filters

On Samsung devices, add this manually:

Go to Settings → Content Blocking → Filters → User rules and enter

||samsung.com.cn^
||dnsdelegation.io^
||crashlytics.com^
||samsungapps.com^
||baidu.com^
||360safe.com^
||360.cn^
||qq.com^
||samsungdm.com^
||samsungcloud.com^
||samsungimagine.com^
||secb2b.com^
||samsung.com^
||fbcdn.com^
||fasty.net^
||taobao.tw^
||taobao.com^
||localytics.com^
||medialytics.com^
||samqaicongen.com^

Yet, what shines here is the AdGuardVPN. As you know, firewalls on non-rooted devices use a VPN slot, which means NetGuard and RethinkDNS are taking this exact VPN slot and leave you with DNS and firewall protection.

However, you would not be able to use any other VPN anymore. AdGuardVPN, however, works together with the firewall and the DNS settings and, therefore, gives you the third option, of being in another country, hiding from your ISP and improving things as with the two other firewalls.

Once again, AdGuard is great, and it's open-source, which goes a long way when it comes to trust!

If you have multiple devices, and systems like iOS and Android, purchase directly for the official website, as you don't have the hassle of going through Google and/or Apple, yet have it on both devices at the same time.