Build an Ad-Free and Tracker-Free Public DNS with AdGuard Home

Publish: 2019-02-28 | Modify: 2019-02-28

AdGuard Home is software that provides ad blocking and anti-tracking for an entire network. Once installed, it protects all your home devices without the need for any client software. With the rise of IoT and connected devices, it becomes increasingly important to have control over your entire network environment.

AdGuard Home

In simple terms, AdGuard Home is a public DNS service similar to Google's public DNS 8.8.8.8. Like DNSmasq, AdGuard Home is open-source and can be self-hosted and configured for use on client devices. Previously, I shared a project called PHPDNS that I developed based on DNSmasq, which had a simple interface but is no longer maintained. Here, I recommend AdGuard Home, which has more powerful features.

AdGuard Home is developed in Golang and provides pre-compiled binaries for various platforms, making installation very simple. Here is an example of installing it on CentOS 7. For other systems, please refer to the official documentation.

Key Features of AdGuard Home

  • Blocks ads everywhere
  • Focuses on privacy protection
  • Family protection mode
  • Customizable filters

Installation on CentOS 7 x64

The AdGuard Home binary files can be downloaded from https://github.com/AdguardTeam/AdGuardHome/releases. Choose the latest version according to your platform. The installation method for CentOS 7 is as follows:

# Download AdGuard Home
wget http://soft.xiaoz.org/linux/AdGuardHome_v0.93_linux_amd64.tar.gz
# Extract the files
tar -zxvf AdGuardHome_v0.93_linux_amd64.tar.gz
# Enter the AdGuardHome directory
cd AdGuardHome
# Allow port 3000 (required for AdGuard Home initialization).
# Use whichever firewall your system runs: firewalld or iptables.
# Option 1: firewalld
firewall-cmd --zone=public --add-port=3000/tcp --permanent
firewall-cmd --reload
# Option 2: iptables (-I inserts the rule ahead of any REJECT rule already in the INPUT chain)
iptables -I INPUT -p tcp --dport 3000 -j ACCEPT
service iptables save
# Start AdGuard Home
./AdGuardHome

After running AdGuardHome, you will be prompted to open http://IP:3000 in your browser to perform the initialization process as shown in the screenshot below.

AdGuardHome Initialization

Open http://IP:3000 in your browser and follow the prompts to complete the initialization. During the initial setup, you will be asked to set a username and password (please remember them) for future logins.

AdGuardHome Account Setup

Basic Configuration of AdGuard Home

Setting the Language to Chinese

In the AdGuard Home dashboard, you can set the language to Simplified Chinese at the bottom-right corner of the webpage. However, the translation may not be very accurate.

AdGuardHome Language Setting

Setting Upstream DNS

By default, AdGuard Home uses Cloudflare DNS as the upstream server. If your server is located in China, you may experience high latency when using Cloudflare DNS. In the settings section, you can change the upstream DNS to a Chinese DNS server, such as Tencent's 119.29.29.29. However, please note that an upstream configured this way does not support DNS over TLS.

AdGuardHome Upstream DNS Setting

Filters

In the filters section, you can see that AdGuard Home has built-in ad-blocking rules. However, these rules may not be optimized for China. If you want to achieve better ad blocking, you need to add your own rules.

AdGuardHome Filters

Here are some explanations of the filter rules. You can find more rules in the AdGuard Home dashboard or refer to the official documentation.

  1. ||example.org^ - Blocks the example.org domain and its subdomains.
  2. @@||example.org^ - Unblocks the example.org domain and its subdomains.
  3. 127.0.0.1 example.org - Redirects the example.org host to 127.0.0.1 (excluding subdomains).
  4. ! - Comment symbol.
  5. # - Another comment symbol.
  6. /REGEX/ - Regular expression pattern.
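
A simplified model of how the rule forms above are evaluated, added here as an illustration; it is not AdGuard Home's own matching code. The function names and sample domains are constructed, and the precedence used (an @@ exception overrides any block or rewrite) is an assumption of this model.

```python
import re

RULES_TEXT = r"""
! constructed sample rules
||ads.example.org^
@@||good.ads.example.org^
127.0.0.1 tracker.example.net
# hosts-style entries do not cover subdomains
/^stats[0-9]+\./
"""

def parse_rule(line):
    """Return (action, matcher) for one rule line, or None for comments."""
    line = line.strip()
    if not line or line[0] in "!#":
        return None
    if len(line) > 2 and line.startswith("/") and line.endswith("/"):
        rx = re.compile(line[1:-1])
        return ("block", lambda q: rx.search(q) is not None)
    allow = line.startswith("@@")
    body = line[2:] if allow else line
    if body.startswith("||") and body.endswith("^"):
        dom = body[2:-1].lower()
        # Match the domain itself or any name ending in ".<domain>".
        return ("allow" if allow else "block",
                lambda q: q == dom or q.endswith("." + dom))
    parts = body.split()
    if len(parts) == 2 and not allow:  # hosts-style "IP hostname"
        ip, host = parts[0], parts[1].lower()
        return ("rewrite:" + ip, lambda q: q == host)
    raise ValueError(f"unsupported rule: {line!r}")

def decide(rules, qname):
    """Return 'pass', 'block' or 'rewrite:<ip>' for a queried name."""
    q = qname.rstrip(".").lower()
    verdict = "pass"
    for action, matches in rules:
        if not matches(q):
            continue
        if action == "allow":  # assumption of this model: an exception always wins
            return "pass"
        if verdict == "pass":
            verdict = action  # keep the first matching block/rewrite rule
    return verdict

RULES = [r for r in map(parse_rule, RULES_TEXT.splitlines()) if r]
if __name__ == "__main__":
    for name in ("cdn.ads.example.org", "good.ads.example.org", "a.tracker.example.net"):
        print(name, "->", decide(RULES, name))
```

The `notads.example.org` case is worth checking when writing your own rules: `||ads.example.org^` matches on a label boundary, so a name that merely ends with the same characters is not blocked.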

Additional Configuration

To manage AdGuard Home more conveniently, you can continue by running the command ./AdGuardHome -s install to install it as a service. Then you can use the following commands for management:

# Start
systemctl start AdGuardHome
# Enable on startup
systemctl enable AdGuardHome
# Restart
systemctl restart AdGuardHome
# Stop
systemctl stop AdGuardHome

DNS communication typically uses port 53 (TCP/UDP), so don't forget to allow traffic on port 53; otherwise, DNS will not work properly.

# Allow port 53; use whichever firewall your system runs: firewalld or iptables.
# Option 1: firewalld
firewall-cmd --zone=public --add-port=53/tcp --permanent
firewall-cmd --zone=public --add-port=53/udp --permanent
firewall-cmd --reload
# Option 2: iptables (-I inserts the rules ahead of any REJECT rule already in the INPUT chain)
iptables -I INPUT -p tcp --dport 53 -j ACCEPT
iptables -I INPUT -p udp --dport 53 -j ACCEPT
service iptables save

Conclusion

AdGuard Home supports various systems such as macOS, Windows, Linux, and Raspberry Pi. It offers both binary and Docker installation methods, which keeps installation simple, and it provides an intuitive statistics system. If you are planning to set up your own public DNS, AdGuard Home is worth a try.

AdGuardHome Statistics
