[1.14.17]
Update AdGuardHome to 0.107.77
Full Changelog
Authorization in GLiNET mode is no longer vulnerable to path traversal attacks.
NOTE: This is CVE-2026-41448. We thank @djnnvx for reporting this security issue.
New reason query parameter in GET /control/querylog. See openapi/openapi.yaml for the full description.
Query parameter response_status in GET /control/querylog is now deprecated. Use new reason query parameter instead.
Hi @james
now switched to Hetzner Cloud DNS, and the renewal worked. Thanks!
Having used the manual wildcard config forever, I however still don't understand, how the first set of certs had been issued, that expired back in February.
@Jenova Oh, you mean the "Allowed clients" inside AdGuard Home ? If you use port 853 , then you are connecting directly to AdGuard and IP should be client IP.
Was someone able to resolve this?
The profiles are unsigned for me, too, which would require manual re-deploying (and remembering to do so!) a profile after 90 days…
@necrevistonnezr Could be something changed in your ISP regarding IPv6 rotation. But @nebulon and I see this pretty consistently in our home servers (in Berlin, where they seem to rotate IPv6 for some reason).
@ByMynix if you want to stick with Porkbun please email them and link https://forum.cloudron.io/post/64902 as the post reproducing the issue. You can also cc support@cloudron.io and we are happy to respond.
@lukas you may have a look at the guide from Cloudron here: https://docs.cloudron.io/apps/adguard-home/#security
However the setup is pretty simple, go to the DNS Settings in Adguard Home and give some names for your client IDs [image: 1681500834105-img_0209-resized.jpeg]
When you entered ClientIDs the DNS will not be available anymore for anyone who is NOT in your Client IDs list. If you want to update your non static IP from your internet service provider, you could do that and put in your public IP. In that case your local clients can use the DNS even without having a named Client ID
Then you can use the Tab "Setup Guide" in Adguard Home to get guidance how to get your devices configured.
If you want to configure Chrome, Brave or Firefox for DoH you can then use the URL to your Adguard Home DNS Name with appending your ClientId like this for example:
https://DNS-NAME-TO-YOUR-ADGUARDHOME/dns-query/CLIENTID
Please be aware that you should understand what you do and in case of concerns just don't do it. You will be responsible yourself for anything you do.
@girish thanks. Yes, it was actually easier than my mind made it out to be! I just opened the ports I needed and set 53 only for the networks I wanted.
