Heh, seems to be something with the wifi because it works fine with android+mobile network. Suspicious! Looks like a misconfigured dns server in the coffee shop. Sorry for the false call .
no no, it's not false! My friend on at&t has also noticed some really weird dns or server configuration issues with my server. It's a digital ocean cloud instance. I need to get to the bottom of it.
It took me w while to find out what FLoC is. It stands for "Federated Learning of Cohorts". Both this post and the one from brave never expands this abbreviation.
If you haven't tried out AdGuard Home, I can highly recommend it. Has same feature set as Pi-Hole and support DoT as well. It's also super trivial to install since it's just a Go binary. Have been using it for ages now and love it!
I want to try these DNS-based blockers (AGH or Pi-hole) but am always wondering: is it easy to temporarily disable, or "debug" them?
I have encountered multiple times (not common, but not trivial) that a filter blocks something wrong. With traditional ad-blocker as extension, I can quickly find it out by using build-in logger, and then simply either temporarily disable them or add the site to whitelist with a single click (if I feel like it, I can write my own rule too.)
If I have to change my DNS setting everytime this happens with these DNS-based blockers, I feel like to stick with extensions since I don't really use my phone to browse Internet too much.
PiHole has a web admin UI that's pretty slick. It has options to disable the entire thing indefinitely/for a set period of time if you need to, and it can log all DNS queries, so you can override/manually block anything you need. There's also nifty charts and metrics to show you how much traffic has been blocked.
I found that, after tinkering with blocklists for a bit, I turned off logging altogether and just let it run. The one thing that gives us grief occasionally is (unsurprisingly) tracking links from promo emails and social media. These are usually easy enough to bypass, but it can be a pain for non-tech-savvy people.
This is a feature that has been requested, but isn't implemented yet. Suggest you give it a thumbs up on github as they implement things in order of highest number of thumbs.
It wouldn't be DNS blocking. The feature request on the project is about adding an HTTPS MITM Proxy that would then do the cosmetic filters among other things.
AGH already supports adding AdGuard filters, but for obvious reasons it only applies domain based filters. Adding the MITM proxy would allow for processing of the cosmetic filters too.
No. It inherently cannot. Pi-Hole isn't a proxy where all traffic is flowing through it and has a chance to be modified. Pi-Hole is strictly answering the question, "What is the IP address for this hostname?" If a given hostname is known to host trackers or something undesirable Pi-Hole will claim it's an unknown host so the device is unable to reach it.
I setup 2 wireless VLANS on my network and one uses filtered DNS. Just swap between networks as needed. Of course most people aren't going to have that capability.
I actually discovered it when I wanted to install pi-hole on my mac server and it just wouldn't work besides with the Docker container, which had other issues like not being able to see the client IP that made the request.
Been running AdGuard Home for a couple months now and it's really nice!
Here's a screenshot - https://imgur.com/a/SzVS75Q
Same in chrome. The cert is wrong, it has the cert of "search.dnsadvantage.com"