ainar-g
commented
1 year ago Why not just add ||dnsavailable.xyz^ to Settings → DNS settings → Disallowed domains input?
Closed WeWin55 closed 1 year ago
ainar-g
commented
1 year ago Why not just add ||dnsavailable.xyz^ to Settings → DNS settings → Disallowed domains input?
WeWin55
commented
1 year ago Okay thanks @ainar-g. Didnt though about this feature, it is perfect. The blocked requests are alos not shown in the request log.
I will mark this request as solved!
Prerequisites
[X] I have checked the Wiki and Discussions and found no answer
[X] I have searched other issues and found no duplicates
[X] I want to request a feature or enhancement and not ask a question
The problem
Hi, my adguard home dns servers are beeing scanned and used by some fishy port scanners. They use different ip addresses v4 and v6. Unfortunately always different asn's.
I blocked the dns over https requests by blocking their user agent in my nginx reverse proxy. Now they are using dns over tls to request and query my dns server. I want to block all clients that request a specifiy domain name.
Example request from scanner: dns-XXX-it_surfshark_81628.doe.dnsavailable.xyz
It would be nice, if adguard could add persistens clients matching specific dns regex. Example: dnsavailable.xyz
Proposed solution
Adding the option to match dns request regex under persistent client would allow to block clients from scanners or abusive dns clients.
Alternatives considered and additional information
No response