FAQ
My lists are not a blunt one-to-one copy from other sources. The versions are compiled individually using basic sources, own extensions, domain categories and Top 1M lists (Umbrella, Cloudflare, Tranco, Chrome, DomCop, ...).
False positives and dead domains are removed. Domains reported by the community have been added.
Furthermore, I regularly analyse logs in several networks to find potentially blockable domains that have not yet been blocked.
The total base list from which the domains for the individual lists are extracted currently comprises ~20M domains. This also includes the domains from the top 1M lists of the last 12 months. This merged top list is used, among other things, to identify popular domains.
The list of base sources used can be found here:
https://github.com/hagezi/dns-blocklists/blob/main/sources.md
The statistics of the compilation of the lists can be viewed here:
https://github.com/hagezi/dns-blocklists/blob/main/statistics.md
- Use Light if you have to pay attention to the size of the list, because the AdBlocker does not support large lists, or light protection is sufficient for you.
- Use Normal if there is no admin nearby who can unblock something from time to time. E.g. for grandma and grandpa or the whole home or family network.
- Use Pro if an admin is available who could unblock something if necessary. My personal recommendation for almost problem-free adblocking.
- Use Pro++ if you are an experienced user, know what you are doing and privacy is important to you. This is an aggressive list and you may need to unblock things more often.
- Use Ultimate if Pro++ is not enough for you.
- Use Ultimate with 1Hosts Pro if Ultimate alone is not enough. You will have to unblock a lot yourself.
Important
Another recommendation is to combine the main lists with the Threat Intelligence Feeds list if possible. For Adblockers that have problems with the size of the full TIF list there is a smaller medium version. If you use AdGuard Home or AdGuard DNS, I also recommend using the Dandelion Sprout's Anti-Malware List. There is also an IPv4 list that can be used additionally to the TIF or TIF medium list.
Tip
NextDNS users: The Threat Intelligence Feeds list is not available in NextDNS, the security features should be used instead. Furthermore, I recommend that NextDNS users also use the OISD list, which also contains some TIF sources that are not covered by the security features.
Further additional options to the main lists depending on the use case are:
- Security: In addition to the Threat Intelligence Feeds list, use the Dynamic DNS, Badware Hoster, Most Abused TLDs and Newly Registered Domains (NRDs) list to further protect yourself from malicious things.
- Protection of children: Use the Gambling, Anti Piracy, Safesearch, DoH/VPN/TOR/Proxy Bypass and oisd NSFW lists in addition to block gambling, piracy, no safesearch engines, DNS bypassing, porn, shock and adult sites.
Affiliate and tracking links (referral domains) that appear frequently on offer web pages like Slickdeals, in emails or in search results are allowed in my lists. These are mostly called only after manual clicking on a link and are not used to display advertising. If these are blocked, the first hit links from search results, for example, no longer work. Furthermore, some of these domains are also used to unsubscribe from newsletters.
Referral domains have been removed from all lists. Only a few domains that also function as normal trackers are blocked in the aggressive lists.
The referral domain allowlist can be found here.
Why are CMPs (Consent Management Platform/Provider) used for cookie consent solutions not blocked in the lists?
Network-wide blocking of CMPs (Consent Management Plattform/Provider) used for cookie consent solutions breaks a lot of things and takes away the user's freedom to decide what he wants to allow and what not - blocking usually allows everything (#1979).
Blocking or automatic allow/deny is reserved for content blockers with corresponding filter lists. These can be used to decide which sites are excluded from blocking a specific CMP domain and which are not. You only have to look at the exclusions in the known cookie filter lists to see why network wide blocking via DNS is not a good idea.