Posted November 6, 2017. Last updated November 24, 2019.
For over two years, I've used Adguard’s free DNS to block ads on my phone and protect my privacy. In system settings, replace your wifi's DNS with these servers:
If you want to block ads on your cellular network, you'll probably need to install an app, which uses a local vpn to control traffic. For more information, see my post about Online Privacy Tips. Settings > Wifi > (Network Name) > Configure DNS > Manual > Add Server > (paste Servers above) I recommend Adguard Pro, for only $2. DNSCloak is free and very powerful, but somewhat complex. I prefer Adguard Pro, but Shadowrocket is $3 and seems to be the most powerful option, but I haven't tried it out.
Settings > Wifi > (Network Name) > Configure DNS > Manual > Add Server > (paste Servers above)
I recommend Adguard Pro, for only $2. DNSCloak is free and very powerful, but somewhat complex. I prefer Adguard Pro, but Shadowrocket is $3 and seems to be the most powerful option, but I haven't tried it out.
How it works
A domain name server (DNS) converts a domain name into an IP address, like this:
Your phone connects to the resulting IP address, and the DNS can block sites by refusing connections. As an example, Snapchat sends messages with
app.snapchat.com, but they download ads from
Some apps, like YouTube, use one domain for everything, so you can't block ads with a DNS. You have to use a browser extension or content blocker to block ads. Apps take away your freedom, so I recommend using websites whenever possible.
My blacklist is only about 20 rules, which block all traffic, and then I whitelist only approved sites.
*.* events.* personalization.* location.* typography.* typeface.* tracking.* metrics.* stats.* ads.* pixel.* geo.* geoip.* tag.* tags.* beacon.* track.* tracker.* events.* event.* lytics.* collector.*
I whitelist important websites and apps, and I can always add new rules or disable the blocking. My whitelist is only about 200 entries.
While using apps or visiting common sites, check your network logs, and see what slips past Adguard's filter. Their DNS isn't perfect, and companies are always using new sites to deliver ads. It's a massive arms-race, so I decided to block everything by default and not worry about anything slipping through.
After blocking everything, look at my whitelist to see if you need any particular entries. It should save you some time, since I've already tested them. If there are any errors, please contact me. Once your custom blacklist is good enough, you can switch to a different DNS, like 220.127.116.11, since it's the world's fastest server.
Download my entire whitelist.txt, or click the lists below.
Core Internet Infrastructure
- mapbox.com App Resources
Facebook and Instagram
Apple and iCloud