One of your essential addons for your web browsers is almost definitely some sort of ad blocker. Resources like bandwidth are a precious resource, especially when your ISP is of the many that limit it on a monthly basis. Another great benefit of having ad blocking software is that you risk a much lower chance of being infected by drive by malware, served by ads themselves. Not loading ads also means… less loading! Why don’t we take the load off our machines even less by removing our ad block extensions?
Additional note, contributed by LowEndTalk member @JoePie91, please always remember to check the content of third party scripts before run-time.
For what you’ll see in this tutorial, it is assumed you’re working with a clean Debian 8.0 template. First off, we’ll use apt to install dnsmasq, the only requirement for this to work, and tell it to start by default.
apt-get update && apt-get install dnsmasq -y
update-rc.d dnsmasq enable
We’re going to delete dnsmasq’s default configuration file, as it’s way too cluttered for what we’re using it for. After that, we’ll be making our own, much simpler version.
rm /etc/dnsmasq.conf
nano /etc/dnsmasq.conf
**dnsmasq.conf
**
bogus-priv
domain-needed
no-resolv
server=8.8.8.8
server=8.8.4.4
interface=venet0:0
listen-address=127.0.0.1
cache-size=10000
addn-hosts=/etc/pihole/gravity.list
host-record=hostname,127.0.0.1,::1
For options like _interface_, you’ll need to use ifconfig to see what interface lists the IP you want it to be setup on. For _host-record_, simply run `hostname` to know what you should put. What is pihole you might ask? https://pi-hole.net is an open source project written by Jacob Salmela to do the exact same thing we’re doing, but for Raspberry Pi’s on your local network. Creating a blacklist for ads would take ages, so we’re going to take advantage of Pi-Hole’s already created list.
wget https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/gravity.sh
chmod +x gravity.sh
./gravity.sh
gravity.sh will start populating an extensive blacklist for ad networks, but it shouldn’t take long. Finally, we’ll use sed to change every instance of our virtual machine’s IP with a blackhole, and restart dnsmasq.
sed -i “s/^[0-9\.]\+\s/0.0.0.0 /g” /etc/pihole/gravity.list
service dnsmasq restart
You’re done! I like to take it a step further though, and automate the updating of our blacklist.
apt-get install cron -y
crontab -e
At the bottom of our crontab, enter the following, which will set our blacklist to be updated once every day.
0 5 * * * bash /root/gravity.sh
Inspired, but modified version of David Anson’s https://dlaa.me/blog/post/skyhole tutorial.
@daily on LowEndTalk has contributed this tutorial to the community.
- MikroVPS Kft – Hungarian Xen VPS with 10Gbit/s Uplinks - November 10, 2016
- Swissnode – Switzerland VPS Offer - November 3, 2016
- IO Zoom – DDoS Protected VPS in Los Angeles, Chicago and Miami - November 2, 2016
format!
I tried to make it a bit better!
who the hell is sysadmin?
okay after creating and doing this modification on our vps.
which changes we have to make on win7/win10?
Hey there stasi,
The only thing you’ll need to do on your Windows machine is change what DNS servers you use.
This can typically be done by going to your adapter settings -> right clicking on IPv4/IPv6 (depending on which you use) -> Properties. Tick “Use the following DNS server addresses:” and put your VPS’s IP under the Preferred DNS server. If you want protection against it somehow going down and you no longer having access to domains, just put Google’s (8.8.8.8 or 8.8.4.4) in the “Alternate DNS server:” field.
wow, and this will block also the ads on my smart tv (youtube app) when I change the dns over my wifi router?
There’s a better set of updated lists here:
https://github.com/notracking/hosts-blocklists
Which is a automated aggregation of a bunch of things
Yeah curious if this works for lifting geo-restrictions.
meh couldnt get this to work
anyone get this working?
Doesn’t work for Youtube ads, sadly. :(
Is it not better to have a password protected transparent caching squid proxy with adblocking?
IMO someone messing with DNS this way should understand what exactly is he doing.
There are a lot of issues this can create, including major security risks.
Also some providers just intercept all DNS requests and forward them to their servers, in this case you will need to take additional actions to bypass this…
Not saying that it is a bad method, just that doing it without clearly understanding what it actually does can/will create more issues than it solves.
Now, how would you guys promote your webhosting/services, if everyone is blocking ads?
through LowEndBox, obviously!