[1.14.13]
Update AdGuardHome to 0.107.74
Full Changelog
Frontend libraries has been updated to prevent the possibility of exploiting the vulnerability described in CVE-2026-40175.
Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in 1.26.2.
In this release, the schema version has changed from 33 to 34.
Added a new field doh in http configuration.
Incorrect forwarding of root domain requests when domain-specific upstreams are configured (#7058).
The strict SNI check setting is not persisted when the TLS configuration is changed (#8327).
Status reported by the launchd service implementation in cases of scheduled service restart.
Fixed clients block/unblock when moving clients between allowed and disallowed lists.
Hi @james
now switched to Hetzner Cloud DNS, and the renewal worked. Thanks!
Having used the manual wildcard config forever, I however still don't understand, how the first set of certs had been issued, that expired back in February.
@Jenova Oh, you mean the "Allowed clients" inside AdGuard Home ? If you use port 853 , then you are connecting directly to AdGuard and IP should be client IP.
Was someone able to resolve this?
The profiles are unsigned for me, too, which would require manual re-deploying (and remembering to do so!) a profile after 90 days…
@necrevistonnezr Could be something changed in your ISP regarding IPv6 rotation. But @nebulon and I see this pretty consistently in our home servers (in Berlin, where they seem to rotate IPv6 for some reason).
@ByMynix if you want to stick with Porkbun please email them and link https://forum.cloudron.io/post/64902 as the post reproducing the issue. You can also cc support@cloudron.io and we are happy to respond.
@lukas you may have a look at the guide from Cloudron here: https://docs.cloudron.io/apps/adguard-home/#security
However the setup is pretty simple, go to the DNS Settings in Adguard Home and give some names for your client IDs [image: 1681500834105-img_0209-resized.jpeg]
When you entered ClientIDs the DNS will not be available anymore for anyone who is NOT in your Client IDs list. If you want to update your non static IP from your internet service provider, you could do that and put in your public IP. In that case your local clients can use the DNS even without having a named Client ID
Then you can use the Tab "Setup Guide" in Adguard Home to get guidance how to get your devices configured.
If you want to configure Chrome, Brave or Firefox for DoH you can then use the URL to your Adguard Home DNS Name with appending your ClientId like this for example:
https://DNS-NAME-TO-YOUR-ADGUARDHOME/dns-query/CLIENTID
Please be aware that you should understand what you do and in case of concerns just don't do it. You will be responsible yourself for anything you do.
@girish thanks. Yes, it was actually easier than my mind made it out to be! I just opened the ports I needed and set 53 only for the networks I wanted.
