概览
使用 AdGuard DNS,可以设置自己的私有 DNS 服务器来解析 DNS 请求并在广告、跟踪器和恶意域名到达设备之前进行拦截。
快速链接:试用 AdGuard DNS
通用
私有 AdGuard DNS 提供公共 AdGuard DNS 服务器的所有优势,包括流量加密和域名拦截列表。 它还提供额外的功能,例如灵活的定制、DNS 统计和家长控制。 这些选项都可以通过用户友好的仪表板来轻松地访问和管理。
为什么您需要私有 AdGuard DNS
今天,用户可以把任何东西连接到互联网上: 电视、冰箱、智能灯泡或扬声器。 但除了这些不可否认的便利之外,用户还会面临追踪器和广告。 在这种情况下,一个简单的基于浏览器的广告拦截器无法保护用户,但用 AdGuard DNS,用户可以设置流量过滤,内容和跟踪器拦截,享受一个系统范围的保护体验。
长久以来,AdGuard 产品线仅包括公共 AdGuard DNS 和 AdGuard Home。 这些解决方案对一些用户来说很好,但对另一些用户来说,公共 AdGuard DNS 缺乏配置的灵活性,而 AdGuard Home 则缺乏简单性。 这就是私人 AdGuard DNS 发挥作用的地方。 它拥有两个优点:它提供可定制性、控制和信息统计,所有这些都可以通过一个简单已用的仪表盘实现。
公共 AdGuard DNS 和私有 AdGuard DNS 的区别
以下是公共 AdGuard DNS 和私有 AdGuard DNS 功能的简单比较。
| 公共 AdGuard DNS | 私人 AdGuard DNS |
|---|---|
| DNS流量加密 | DNS流量加密 |
| 自带的域名封锁清单 | 可自定义的域名封锁清单 |
| - | 可以 导入/导出 自定义 DNS 过滤规则 |
| - | 请求统计(看看您的 DNS 请求到哪里去:哪些国家,哪些公司等等) |
| - | 详细的查询日志 |
| - | 家长控制 |
Private AdGuard DNS features
统计信息
In the Statistics tab you can see all the summarized statistics on DNS queries made by devices connected to your Private AdGuard DNS. It shows the total number and geography of requests, the number of blocked requests, the list of companies the requests were addressed to, requests types and top requested domains.
流量终点
This feature shows you where DNS requests sent by your devices go. On top of seeing the map of request destinations, you can filter the information by date, device and country.
公司
This tab allows you to quickly check which companies send the most requests, and which companies have the most blocked requests.
查询日志
This is a detailed log where you can check out the information on every single request and also sort requests by status, type, company, device, time, country.
Server settings
This section features a range of settings allowing you to customize the operation of private AdGuard DNS, ensuring the Internet functions exactly as you desire.
Blocklists management
The Blocklists feature allows you to specify which domains you want to block and which you don't. Choose from a variety of blocklists for different purposes.
Security settings
Even if you're aware of all the tricks online scammers use, there's always a risk you'll accidentally click a malicious link. To protect yourself from such accidents, go to the Security settings section and check the boxes next to the options listed there.
The Block malicious, phishing, and scam domains feature will block domains found in the dedicated database. And the Block newly registered domains will block all domains registered less than 30 days ago, which are often considered risky for your online privacy.
家长控制
To protect your child from online content you deem inappropriate, set up and activate the Parental control option. In addition to options such as "adult content" blocking and safe search, we've added the ability to manually specify domains for blocking and set a schedule for the Parental control to work accordingly.
用户规则
For cases where pre-installed blocklists with thousands of rules are not enough, we have a handy feature called User rules. Here you can manually add custom rules to block/unblock a specific domain or import custom rule lists (see DNS filtering rules syntax). You can export the lists.
身份验证的 DNS-over-HTTPS
DNS-over-HTTPS with authentication provides a login and password to connect to the server. This can limit access to unauthorized users and increase security.
To enable this feature, go to Server settings → Devices → Settings and change the DNS server to the one with authentication. Select Deny other protocols to disable alternative protocol usage, ensuring exclusive DNS-over-HTTPS authentication and blocking third-party access.
Advanced
Here you can set the way AdGuard DNS must respond to blocked domains:
- Default — zero IP address
- NXDOMAIN — the domain does not exist
- REFUSED — the server has refused to process the request
- Custom IP — you can manually specify an IP address
Additionally, you can adjust the Time to live (TTL) setting. This parameter defines the time period (in seconds) that a client device caches the response to a DNS request. A higher TTL means that even if a previously blocked domain is unblocked, it may still appear as blocked for a while. A TTL of 0 indicates that the device does not cache responses.
In the Advanced section, there are three options that can be customized:
- Block access to iCloud Private Relay. Devices that use iCloud Private Relay may ignore DNS settings. Enabling this option ensures that AdGuard DNS can effectively protect your device.
- Block Firefox canary domain. This setting prevents Firefox from automatically switching to its DoH resolver when AdGuard DNS is set as the system-wide DNS service.
- Log IP addresses. If this option is enabled, IP addresses associated with incoming DNS requests will be recorded and displayed in the Query log.
访问设置
Here you can manage an access to your DNS server by configuring the following settings:
- Allowed clients. Specify which clients are permitted to use your DNS server. Please note that allowed clients are not counted in added access rules, only disallowed clients and domains
- Disallowed clients. List clients that are denied to use your DNS server
- Disallowed domains. Specify domain names that will be denied access to your DNS server. Wildcards and DNS filtering rules can also be listed here
If you only want to use DNS on certain AS numbers or IP addresses, you should block everything else in the Disallowed clients field. Simply allowing only the necessary numbers and addresses in the Allowed clients field won’t be enough.
By setting up these options, you can control who uses your DNS server and prevent potential DDoS attacks. Requests that are not allowed will not appear in your Query log, and they are free of charge.
把设备连接到 AdGuard DNS
AdGuard DNS 非常灵活,可设置在各种设备上,包括平板电脑、PC、路由器和游戏机。 本节描述如何将设备连接至 AdGuard DNS 的详细指示说明。
服务器和设置
本节解释在 AdGuard DNS 中 「服务器」 的定义以及可用的设置。 这些设置让用户自定义 AdGuard DNS 对已拦截域名的响应方式,并管理您的 DNS 服务器的访问权限。
如何设置过滤
在本节中,我们描述一些允许用户微调 AdGuard DNS 功能的设置。 使用拦截列表、用户规则、家长控制及安全过滤功能,用户可以根据需求配置过滤规则。
统计数字与查询日志
统计和查询日志可让用户深入了解设备的活动。 在「统计数据」标签中,用户可以查看连接私人 AdGuard DNS 的设备发出的 DNS 请求汇总。 在查询日志中,可以查看每个请求的信息,还可以按状态、类型、公司、设备、时间和国家/地区对请求进行排序。
自定义域名
AdGuard DNS 企业版和团队版订阅用户可以使用自己的域名(如 dns.example.com),而不是默认的 d.adguard-dns.com。 此设置通过确保与企业安全政策的无缝集成,同时保留 AdGuard DNS 提供的完整阻止广告和隐私保护功能。