Private AdGuard DNS v2.5: more control over your traffic

In the not-too-distant future, AdGuard DNS will introduce an option to connect a device via dedicated IPv4 address, providing more flexibility in configuring your DNS server.

But there's a catch: bad actors can easily discover your IPv4 address and launch a DNS amplification attack (a type of DDoS attack). As a result, the network will be overwhelmed and unavailable for regular traffic, and the Query log will be filled with numerous unauthorized requests that are billable.

That's why we added new access settings to AdGuard DNS v2.5 before implementing the dedicated IPv4 feature. These will help you protect yourself or simply ensure that only you are using your server.

Strict request control

Access settings

Along with the Access settings section, three parameters became available:

  • Allowed clients. Here you can specify which clients can use your DNS server
  • Disallowed clients. Here you can list the clients that are not allowed to use your DNS server
  • Disallowed domains. Here you can specify the domains (as well as wildcard and DNS filtering rules), which will not be allowed to access your DNS server

By customizing these fields, you will turn your AdGuard DNS into a smart "gatekeeper" that accepts requests only on your terms. Blocked ones will not appear in the Query log, and you will not pay for them.

To display IP addresses associated with DNS queries in the Query log, check the Log IP address checkbox. To do this, open Server settings → Advanced settings.

More user rules

As you can see, we didn't stop at adding Access settings and expanded the available range of custom rules. Now their number depends on the subscription:

  • Starter — 100 rules
  • Personal — 1,000 rules
  • Team — from 5000 to 50,000 rules
  • Enterprise — 50,000+ rules

We hope you’ll enjoy the new version of private AdGuard DNS. And if you notice any problems, please let us know via a special form.

Liked this post?