Recommend Enabling ECS

This article details the recommended DNS settings in AdGuard Home, particularly the role, principle, privacy impact, and alternatives of EDNS Client Subnet (ECS), to help you optimize your DNS resolution experience.

To achieve the best DNS resolution experience, we have preset some recommended configurations, but one setting still needs your attention: “EDNS Client Subnet”.

Enabling EDNS Client Subnet (ECS)

For a better experience, you may want your DNS server to return server IP results that are geographically closest to you. EDNS Client Subnet (ECS) enables this. It allows the IP subnet containing geographic information to be sent to the DNS server, so the server can return the optimal DNS resolution results.

How it works:

When ECS is enabled, your DNS resolver (such as AdGuard Home) includes a portion of the client IP address (usually the first 24 bits, indicating the client’s subnet) in the DNS query and sends it to the upstream DNS server. The upstream DNS server then uses this subnet information to return the server IP address most suitable for that region.

sequenceDiagram
    participant Client
    participant DNS Resolver
    participant Upstream DNS Server

    Client->>DNS Resolver: DNS Query
    DNS Resolver->>Upstream DNS Server: DNS Query with ECS (Client Subnet)
    Upstream DNS Server->>DNS Resolver: DNS Response (Geo-localized IP)
    DNS Resolver->>Client: DNS Response (Geo-localized IP)

Privacy considerations:

Enabling ECS can improve DNS resolution accuracy and speed but may also introduce certain privacy risks. By sharing the subnet of your client IP address, your approximate geographic location might be recorded by the upstream DNS server. Please weigh this based on your own situation before enabling it.

How to balance:

Enabling ECS can achieve a balance between access speed and accuracy. If you have high privacy requirements, you can disable ECS, though this might reduce access speed. If you want the best access experience, you can enable ECS, but be aware of the potential privacy implications. The subnet information is collected by the upstream DNS provider; this service itself still adheres to its privacy policy and does not collect or use any information.

AdGuard Private - Enhanced DNS Service Based on AdGuard Home

AdGuard Private offers out-of-the-box privacy-focused DNS service with ad blocking, DoT, DoH, and more features

AdGuard Private: Privacy-Focused DNS Service

Visit the official website for more information: AdGuard Private

This project is a secondary development based on AdGuard Home and follows the GPL 3.0 open-source license.

Source code is available at: GitHub - jqknono/AdGuardHome

Enhanced Features

Compared to the original AdGuard Home, we have added the following features:

  • 📜 Automated SSL Certificate Management
    • Automatic certificate application and renewal
    • Support for wildcard certificate configuration
  • 🛡️ Enhanced Security Features
    • Intelligent rate limiting protection
    • Optimized access experience for mainland China
  • ⚙️ Optimized System Configuration
    • DHCP service disabled to focus on DNS functionality
    • Fixed cache size at 4MB for stability

Hosted Service Advantages

We provide professional DNS hosting services with the following features:

  • 🏢 Deployed on Alibaba Cloud Hangzhou node
  • 🌐 Comprehensive Protocol Support
    • IPv6 support with direct connection to mainstream IPv6 upstream
    • DoT (DNS over TLS)
    • DoH (DNS over HTTPS)
    • HTTP/3 support for significantly reduced latency
  • 📊 Powerful Rule Management
    • Support for third-party blacklist and whitelist imports
    • Capacity for 1 million rules
  • 📝 Comprehensive Logging and Statistics
    • 72-hour query record retention
    • 24-hour detailed statistical analysis
  • ⚖️ Load Balancing
    • Multi-server distributed deployment
    • Intelligent load distribution
  • 💰 Competitive Pricing

Performance and Effectiveness Evaluation

Ad blocking at the DNS level has its unique advantages:

  • 💪 Advantages

    • Zero additional power consumption
    • Full device coverage
    • Reduced network wake-up frequency on devices
    • Decreased loading of unnecessary data
  • ⚠️ Limitations

    • Lower blocking precision compared to browser extensions
    • Unable to achieve the filtering effect of MITM solutions

Particularly suitable for mobile device usage scenarios, balancing privacy protection with battery life.

Full Support for HTTP/3 Protocol

AdGuardPrivate now fully supports the HTTP/3 protocol, bringing users a faster and more secure network experience

We are excited to announce that AdGuardPrivate now fully supports the HTTP/3 protocol. All existing users will automatically upgrade to enjoy the performance improvements brought by HTTP/3, with no additional configuration required.

Important Update Notes

  • iOS Users: You can now use HTTP/3 directly via the DoH protocol, enjoying lower network latency
  • Android Users: Due to system limitations, the DoT protocol is still in use; support will be available after future Google updates
  • Performance Boost: Initial response speed is significantly improved compared to HTTP/2, with faster connection establishment
  • Smart Switching: In network environments that do not support HTTP/3, the system will automatically switch to HTTP/2 to ensure service stability

HTTP/3 Access

In-Depth Analysis of HTTP/3 Technology

HTTP/3, as the latest version of the HTTP protocol, is based on Google’s QUIC transport protocol and brings several innovative technical advantages:

Core Features

  1. QUIC Protocol Based on UDP

    • Significantly reduces connection establishment time
    • Improved multiplexing capabilities
    • Smarter packet loss handling mechanisms
  2. Optimized Performance

    • Zero handshake latency (0-RTT)
    • Enhanced congestion control
    • Connection migration support
  3. Enhanced Security

    • Integrated TLS 1.3
    • Encrypted handshake process
    • Reduced risk of man-in-the-middle attacks

Connection Establishment Comparison

Response Time Comparison

Connection Establishment Process Comparison

Usage Recommendations

  • Ensure your client supports the HTTP/3 protocol
  • Keep your client version updated
  • In restricted network environments, the system will automatically downgrade to HTTP/2

Notes

  • UDP traffic may be restricted in some regions, affecting HTTP/3 performance
  • Performance may vary under different network conditions
  • The system will automatically select the optimal protocol based on network conditions

Introducing Custom Client Name Feature

AdGuardPrivate introduces the custom client name feature, allowing users to more intuitively identify and manage DNS configurations for different devices, significantly enhancing the management experience.

Feature Introduction

To enhance user experience, AdGuardPrivate now supports the custom client name feature. With this feature, you can set unique identifier names for different devices, making device management more intuitive and convenient.

Client Management Interface

Configuration Guide

The configuration method varies slightly depending on the device type:

Android Devices

Simply add a custom prefix before the domain name, in the following format:

{Device Name}.{Original Domain}

Example: xiaomi-15pro.xxxxxxxx.adguardprivate.com

iOS Devices

  1. Go to the “Settings Guide” page
  2. Enter the custom name in the “Client ID” input field
  3. Download and apply the new configuration file

iOS Configuration Interface

Browser Configuration (DoH)

Add a custom identifier after the original DoH address:

Original format:

https://xxxxxxxx.adguardprivate.com/dns-query

New format:

https://xxxxxxxx.adguardprivate.com/dns-query/{Device Identifier}

Example: https://xxxxxxxx.adguardprivate.com/dns-query/pc1-browser

Browser Configuration Example

Usage Recommendations

  • It is recommended to use meaningful identifiers for device names, such as device model, location, or purpose
  • Avoid using special characters; it is recommended to use letters, numbers, and hyphens
  • Maintain a consistent naming convention for easier future management

Precautions

  • Custom names only affect display and do not impact service performance
  • Configuration must be reapplied after changing the name to take effect
  • It is recommended to keep records of each device’s configuration for future reference
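
The two naming formats from the Configuration Guide above, read from the server's side: the device name is taken either from the leading hostname label or from the path segment after /dns-query, then checked against the recommended character set. This is an added example, not the service's own code; the function names are hypothetical, and the validation rule (letters, digits and hyphens, at most 63 characters) is an assumption based on the recommendation above and the DNS label length limit.

```python
import re
from urllib.parse import urlsplit

# Assumption: letters, digits and hyphens only (the page's recommendation),
# at most 63 characters because the Android form puts the name in a DNS label.
CLIENT_NAME_RE = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")


def validate_client_name(name: str) -> str:
    """Return the normalised device name or raise ValueError."""
    name = name.lower()
    if not CLIENT_NAME_RE.fullmatch(name):
        raise ValueError(f"invalid device name: {name!r}")
    return name


def client_name_from_hostname(hostname: str, service_domain: str):
    """Android / DoT form: {Device Name}.{Original Domain}."""
    host = hostname.rstrip(".").lower()
    base = service_domain.rstrip(".").lower()
    if host == base:
        return None                      # no device name configured
    suffix = "." + base
    if not host.endswith(suffix):
        raise ValueError("hostname does not belong to this service domain")
    prefix = host[: -len(suffix)]
    if "." in prefix:
        raise ValueError("expected exactly one label before the service domain")
    return validate_client_name(prefix)


def client_name_from_doh_url(url: str):
    """Browser / DoH form: https://.../dns-query/{Device Identifier}."""
    parts = [p for p in urlsplit(url).path.split("/") if p]
    if not parts or parts[0] != "dns-query":
        raise ValueError("not a DoH endpoint path")
    if len(parts) == 1:
        return None                      # original format, no identifier
    if len(parts) > 2:
        raise ValueError("unexpected extra path segments")
    return validate_client_name(parts[1])


if __name__ == "__main__":
    # Hostnames and URLs below reuse the placeholder domain from the page.
    domain = "xxxxxxxx.adguardprivate.com"
    print(client_name_from_hostname("xiaomi-15pro." + domain, domain))
    print(client_name_from_doh_url(f"https://{domain}/dns-query/pc1-browser"))
    print(client_name_from_doh_url(f"https://{domain}/dns-query"))
```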

The Necessity of Ad Blocking--Protecting Attention and Privacy in the Digital Age

A deep dive into the workings of the modern advertising ecosystem, exploring the importance of ad blocking in protecting user privacy and attention

Deconstructing the Modern Advertising Ecosystem

The Profit Model of Advertisers

The modern advertising system is built on a complex chain of interests:

  • Advertisers connect advertisers with users through media platforms
  • Revenue comes from advertisers’ placement fees, not from users
  • The goal is to maximize the “conversion rate” — turning ad viewers into paying customers

The Battle for Conversion Rates

In this battle for attention:

  • High conversion rates mean higher ad prices
  • Ad placement efficiency directly affects revenue
  • “Personalized delivery” becomes the core strategy for increasing conversions

The Truth About Personalized Ads

The Depth of Data Collection

Modern advertising systems collect user information through multiple channels:

  • Device identifiers and operating system data
  • Cross-platform behavior tracking
  • Social network analysis
  • Consumer behavior profiling

The Trap of Precise Delivery

What seems like convenient personalized delivery actually hides risks:

  • Exploiting cognitive biases to create demand
  • Amplifying potential user anxieties
  • Creating a false sense of urgency

The Erosion of Attention by Ads

The Cost of the Attention Economy

  • Frequent interruptions disrupt work efficiency
  • Interfere with decision-making capabilities
  • Increase cognitive load
  • Blur the boundaries of real needs

The Evolution of Advertising Strategies

Modern advertising has evolved from simple information dissemination to:

  • Forced memory implantation
  • Emotional stimulation
  • Anxiety marketing
  • Social pressure

Strategies for Self-Protection

Core Protective Measures

  1. Privacy Protection First

    • Limit app permissions
    • Control data sharing
    • Use privacy protection tools
  2. Attention Management

    • Set focused time periods
    • Establish information filtering mechanisms
    • Cultivate the habit of actively seeking information
  3. Control Over Consumer Decisions

    • Establish a demand evaluation system
    • Delay purchase decisions
    • Maintain rational judgment

Technological Support: Cyber Savvy

In this data-driven era, maintaining “cyber savvy” — caution and wisdom in the digital world — becomes particularly important. This includes:

  • Managing digital footprints
  • Protecting personal privacy
  • Controlling information flow

Solutions

AdGuard Private Service, as a comprehensive protection solution, not only provides ad blocking but, more importantly, helps users:

  • Protect personal privacy
  • Optimize browsing experience
  • Reduce distractions
  • Provide a controllable information environment

Let’s regain control of our digital lives, starting with rejecting ad harassment.

Service Resource Optimization Strategy Explanation

This article provides a detailed explanation of the AdGuardPrivate service resource optimization strategy, including improvements to the filter update mechanism, suggestions for optimizing parallel requests, and norms for using third-party lists, aimed at providing a more stable and reliable service experience.

Background Explanation

As the number of users grows and functional demands increase, we have observed that some high-resource-consuming configuration options may lead to service instability. To ensure service quality, we have conducted in-depth analysis and formulated corresponding optimization schemes.

Resource Optimization Strategies

1. Filter Update Mechanism Optimization

Current Situation Analysis

  • Some users have set the filter to update every hour
  • Each update requires a complete download, parse, and deduplicate process
  • International bandwidth limitations cause the update to take longer
  • Server resources remain under continuous high load

Optimization Scheme

We will adjust the update interval to a minimum of 72 hours for the following reasons:

  • Most filter lists have an update cycle of 24-72 hours
  • Reduce ineffective resource consumption
  • Ensure service stability
  • Optimize bandwidth usage efficiency

Impact Assessment

  • Positive Impacts
    • More stable service response
    • More reasonable resource usage
    • Reduced system load
  • Minimized Impacts
    • Rule updates still maintain a reasonable cycle
    • No impact on protective effects

2. Parallel Request Strategy

Current Situation

Currently, most users have enabled the parallel requests feature, but under the existing architecture, the benefits are limited:

  • Alibaba Cloud upstream service latency differences are usually within 5ms
  • May trigger request frequency limits for Alibaba Cloud public services
  • Increases unnecessary system overhead

Usage Suggestions

  • Recommend using the load balancing mode
  • Parallel requests are suitable for the following scenarios:
    • Significant upstream service latency differences (>200ms)
    • Situations with unstable service quality
    • Cross-border access scenarios

Note: Currently, no rate limiting issues due to parallel requests have been identified; this feature remains open for now.

3. Third-Party List Management

Security Considerations

To ensure system stability, we have temporarily disabled support for some third-party lists:

  • The scale of external lists is unpredictable
  • May lead to resource overruns
  • Service stability cannot be guaranteed

Future Plans

We are researching more secure third-party list management solutions to reopen this feature in the future.

Basic Edition Memory Limit Adjustment

Some users’ environments have been restarting frequently. The logs show that the process exits because memory usage reaches the upper limit of 300MB, resulting in forced termination.

We are now adjusting the single container limit to 500MB to alleviate the restart issues.

If your environment experiences login or restart problems, please feel free to contact us at any time. Solving problems for customers is our responsibility.

Need Help

Contact WeChat adguard6688
Or Send Email service1@adguardprivate.com
Please describe the issue you are experiencing in detail, and we will reply as soon as possible.

Always Ready to Provide Support Services

AdGuardPrivate is committed to providing high-quality customer support services, ensuring that every user can easily use our products. No matter what issues you encounter, we will be ready to assist you at any time.

Quick Start Guide

To ensure you can conveniently start using our services, we have provided a detailed User Guide

Thoughtful Service Support

Exclusive Guidance

We noticed that some new users may encounter difficulties when using it for the first time. To this end, we:

  • Continuously optimize the product documentation structure
  • Provide clear configuration guides
  • Prepare answers to frequently asked questions

Timely Response

Although we adopt a no-registration system to protect user privacy, this does not affect our service to users. You can contact us through the following ways:

Need Help

Contact WeChat adguard6688
Or Send Email service1@adguardprivate.com
Please describe the issue you are experiencing in detail, and we will reply as soon as possible.

How to Set Up a Dedicated Link

Some paid AdGuardHome services provide a dedicated link that does not allow users to access the backend management; instead, administrators manage the rules on their behalf.

This indicates that it does not provide private backend management functionality; instead, it is implemented through domain reverse proxy, with relatively low costs.

You need to rent a server to run the AdGuardHome service and configure Nginx reverse proxy to achieve this function.

Taking the service link 5r69hxdx9onl70hp.example.com as an example, the key Nginx configuration is as follows:

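http {
  # Plain-HTTP entry point for the customer's dedicated hostname
  server {
    listen 1080;
    server_name 5r69hxdx9onl70hp.example.com;
    location / {
      proxy_pass http://worker.example.com:5002;
      proxy_set_header Host $http_host;
    }
  }
  # HTTPS (DoH) entry point: TLS is terminated here with the customer's certificate
  server {
    listen 1443 ssl;
    server_name 5r69hxdx9onl70hp.example.com;
    ssl_certificate /app/data/certs/5r69hxdx9onl70hp/fullchain.pem;
    ssl_certificate_key /app/data/certs/5r69hxdx9onl70hp/privkey.pem;
    location / {
      proxy_pass https://worker.example.com:5003;
      proxy_set_header Host $http_host;
    }
  }
}
stream {
  # SSLv3 removed: it is a broken protocol and must not be offered.
  # The server below only reads the ClientHello (ssl_preread) and does not
  # terminate TLS, so the handshake itself is negotiated by the backend.
  ssl_protocols TLSv1.2 TLSv1.3;
  # Route DoT connections by the SNI name in the ClientHello
  map $ssl_preread_server_name $targetBackend {
    5r69hxdx9onl70hp.example.com worker.internal.com:5004;
  }
  server {
    listen 1853;
    # A variable in proxy_pass is resolved at run time, which requires a
    # resolver directive or a matching upstream block.
    proxy_pass $targetBackend;
    ssl_preread on;
  }
}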

Each paid user only needs to add a similar Nginx configuration and point the domain resolution to the server. When there are many users, if a single application service is under heavy pressure, it can be proxied to different backends.

Such services cannot achieve true personalization; users need access to the backend to truly control their internet data. This is an advantage of our private service: each user has a dedicated service instance and can use all features of AdGuardPrivate.

Fully Upgraded - Enhanced Ad Blocking Rules

Introducing the new AdGuardPrivate blocking rules, providing more comprehensive ad filtering and security protection capabilities, while maintaining good compatibility

Rule Update Explanation

To meet users’ demand for stronger ad blocking, we have comprehensively optimized the filtering rule strategy. The new rules significantly improve ad filtering effects while maintaining a low false interception rate. This update is based on user feedback, and we have added more precise interception rules on the basis of ensuring normal website access.

Rule List Overview

We have compiled the following professional rule lists. You can choose to use them based on your specific needs:

Basic Protection Rules

| Category | AdGuard | Function Description |
|---|---|---|
| Ad Blocking | Link | Comprehensive filtering of various ad servers and ad websites |
| Tracking Protection | Link | Blocks user behavior tracking and personal information collection |
| Redirect Protection | Link | Prevents malicious URL redirects |

Content Filtering Rules

| Category | AdGuard | Description |
|---|---|---|
| Fraudulent Websites | Link | Specifically for websites that deceive users |
| Ads | Link | Ad servers and ad websites |
| Cryptocurrency | Link | Cryptocurrency and mining-related websites. May affect normal cryptocurrency websites |
| Drugs | Link | Websites related to illegal drugs. Including prescription drugs that are illegal to possess in the US |
| All Rules | Link | Contains domains from all non-beta lists |
| Facebook | Link | Blocks FB and its related services |
| Scam | Link | Scam websites |
| Gambling | Link | All gambling-related websites (legal and illegal) |
| Malware | Link | Known malware hosting websites |
| Phishing | Link | Websites used for phishing |
| Piracy | Link | Known illegal download websites |
| Porn | Link | Pornographic or promotional websites |
| Ransomware | Link | Known websites hosting or containing ransomware |
| Redirect | Link | Websites that redirect you from the intended site to others |
| Scam | Link | Websites designed to scam users |
| TikTok | Link | Copy and paste onto your device |
| Torrent | Link | Torrent directories. May block legitimate torrent sites for legal software downloads |
| Tracking | Link | Websites specifically for tracking and collecting visitor information |

Usage Suggestions

  1. Step by Step

    • It is recommended to start with basic protection rules
    • Gradually add other rules based on actual needs
    • Regularly check and update the rule lists
  2. Performance Optimization

    • Avoid enabling too many rules at the same time
    • Prioritize rules that best match your needs
    • Regularly clean up unused rules
  3. Troubleshooting

    • Record and provide feedback promptly if false interceptions occur
    • Temporarily disable specific rules for testing
    • Use custom whitelists if necessary

Precautions

  • Some rules may affect normal access to specific websites
  • It is recommended to regularly check for rule updates
  • If frequent false interceptions occur, please contact us promptly

For users who need more flexible control, we offer a professional version that supports fully custom rule configurations. If you have any questions, feel free to provide feedback at any time.

Trial Version Service Details

As a service provider focused on delivering custom ad filtering rules, we understand the considerations users have when choosing a service. Although the cost of our service is relatively high, we are committed to providing users with the utmost flexibility in customization.

To help you fully understand the value of our service, we have introduced a cost-effective trial plan. This version includes all premium features and is completely equivalent to the full service, allowing you to experience the unique advantages of customized filtering with zero risk.

Trial Instructions:

  • Discounted price is only available for first-time users
  • Renewal requires selecting a full service plan
  • Due to the account-free design, trial versions can be purchased repeatedly
  • Each new purchase will generate a brand-new service instance
  • Renewal allows retention of all configurations from the original instance

We look forward to your experience with this high-quality service. If you encounter any issues during use, our customer support team is always ready to provide professional assistance.
