LowEndBox

Hosting Websites on Bare Minimum VPS/Dedicated Servers

Host your own DNS, now with 100% more ad block!

Tags: Date/Time: September 20, 2016 @ 4:26 pm, by SysAdmin

lowendtutorial

One of your essential addons for your web browsers is almost definitely some sort of ad blocker. Resources like bandwidth are a precious resource, especially when your ISP is of the many that limit it on a monthly basis. Another great benefit of having ad blocking software is that you risk a much lower chance of being infected by drive by malware, served by ads themselves. Not loading ads also means… less loading! Why don’t we take the load off our machines even less by removing our ad block extensions?

Additional note, contributed by LowEndTalk member @JoePie91, please always remember to check the content of third party scripts before run-time.

For what you’ll see in this tutorial, it is assumed you’re working with a clean Debian 8.0 template. First off, we’ll use apt to install dnsmasq, the only requirement for this to work, and tell it to start by default.

apt-get update && apt-get install dnsmasq -y
update-rc.d dnsmasq enable

We’re going to delete dnsmasq’s default configuration file, as it’s way too cluttered for what we’re using it for. After that, we’ll be making our own, much simpler version.

rm /etc/dnsmasq.conf
nano /etc/dnsmasq.conf

**dnsmasq.conf

**

bogus-priv
domain-needed
no-resolv
server=8.8.8.8
server=8.8.4.4
interface=venet0:0
listen-address=127.0.0.1
cache-size=10000
addn-hosts=/etc/pihole/gravity.list
host-record=hostname,127.0.0.1,::1

For options like _interface_, you’ll need to use ifconfig to see what interface lists the IP you want it to be setup on. For _host-record_, simply run `hostname` to know what you should put. What is pihole you might ask? https://pi-hole.net is an open source project written by Jacob Salmela to do the exact same thing we’re doing, but for Raspberry Pi’s on your local network. Creating a blacklist for ads would take ages, so we’re going to take advantage of Pi-Hole’s already created list.

wget https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/gravity.sh
chmod +x gravity.sh
./gravity.sh

gravity.sh will start populating an extensive blacklist for ad networks, but it shouldn’t take long. Finally, we’ll use sed to change every instance of our virtual machine’s IP with a blackhole, and restart dnsmasq.

sed -i “s/^[0-9\.]\+\s/0.0.0.0 /g” /etc/pihole/gravity.list
service dnsmasq restart

You’re done! I like to take it a step further though, and automate the updating of our blacklist.

apt-get install cron -y
crontab -e

At the bottom of our crontab, enter the following, which will set our blacklist to be updated once every day.

0 5 * * * bash /root/gravity.sh

Inspired, but modified version of David Anson’s https://dlaa.me/blog/post/skyhole tutorial.

@daily on LowEndTalk has contributed this tutorial to the community.

14 Comments

  1. cloromorpho:

    format!

    September 20, 2016 @ 8:37 pm | Reply
  2. stasi:

    okay after creating and doing this modification on our vps.

    which changes we have to make on win7/win10?

    September 21, 2016 @ 11:00 am | Reply
    • daily:

      Hey there stasi,

      The only thing you’ll need to do on your Windows machine is change what DNS servers you use.

      This can typically be done by going to your adapter settings -> right clicking on IPv4/IPv6 (depending on which you use) -> Properties. Tick “Use the following DNS server addresses:” and put your VPS’s IP under the Preferred DNS server. If you want protection against it somehow going down and you no longer having access to domains, just put Google’s (8.8.8.8 or 8.8.4.4) in the “Alternate DNS server:” field.

      September 21, 2016 @ 8:38 pm | Reply
      • stasi:

        wow, and this will block also the ads on my smart tv (youtube app) when I change the dns over my wifi router?

        September 22, 2016 @ 12:49 am | Reply
  3. chris s:

    There’s a better set of updated lists here:

    https://github.com/notracking/hosts-blocklists

    Which is a automated aggregation of a bunch of things

    September 22, 2016 @ 2:15 pm | Reply
  4. Metuchen:

    Yeah curious if this works for lifting geo-restrictions.

    September 30, 2016 @ 9:35 pm | Reply
  5. Metuchen:

    meh couldnt get this to work

    anyone get this working?

    September 30, 2016 @ 9:48 pm | Reply
  6. Remuz:

    Doesn’t work for Youtube ads, sadly. :(

    October 1, 2016 @ 1:54 am | Reply
  7. Rhi:

    Is it not better to have a password protected transparent caching squid proxy with adblocking?

    October 1, 2016 @ 12:42 pm | Reply
  8. Z74:

    IMO someone messing with DNS this way should understand what exactly is he doing.
    There are a lot of issues this can create, including major security risks.
    Also some providers just intercept all DNS requests and forward them to their servers, in this case you will need to take additional actions to bypass this…
    Not saying that it is a bad method, just that doing it without clearly understanding what it actually does can/will create more issues than it solves.

    October 4, 2016 @ 2:50 pm | Reply
  9. I work for ads company:

    Now, how would you guys promote your webhosting/services, if everyone is blocking ads?

    October 20, 2016 @ 11:50 am | Reply
    • I work for a hosting company:

      through LowEndBox, obviously!

      November 24, 2016 @ 8:06 pm | Reply

Leave a Reply

Some notes on commenting on LowEndBox:

  • Do not use LowEndBox for support issues. Go to your hosting provider and issue a ticket there. Coming here saying "my VPS is down, what do I do?!" will only have your comments removed.
  • Akismet is used for spam detection. Quoting webhostingtalk.com URL seems to get binned consistently here, but I do peek into the spam box frequently to publish those comments.
  • Use <pre>...</pre> to quote the output from your terminal/console, or consider using a pastebin service.

Your email address will not be published. Required fields are marked *