Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. App Wishlist
  3. AdGuard - Network-wide ads & trackers blocking DNS server

AdGuard - Network-wide ads & trackers blocking DNS server

Scheduled Pinned Locked Moved Solved App Wishlist
24 Posts 9 Posters 3.9k Views 10 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • mehdiM mehdi

    @girish How do you handle the port exposure ? Like, if you install this on a publicly accessible IP, not behind a LAN, anybody could access the DNS server ?

    girishG Offline
    girishG Offline
    girish
    Staff
    wrote on last edited by
    #14

    @mehdi Yes, currently anyone can access it. I think we have to add some sort of firewall feature in the future to limit access to apps by IP in a future release.

    mehdiM 1 Reply Last reply
    1
    • girishG girish

      @mehdi Yes, currently anyone can access it. I think we have to add some sort of firewall feature in the future to limit access to apps by IP in a future release.

      mehdiM Offline
      mehdiM Offline
      mehdi
      App Dev
      wrote on last edited by
      #15

      @girish I strongly second this firewall proposal 🙂

      girishG 1 Reply Last reply
      0
      • mehdiM mehdi

        @girish I strongly second this firewall proposal 🙂

        girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #16

        @mehdi I wasn't sure if it's worth the effort because most VPS providers these days have a firewall in their control panel (which is better than iptables since packets won't even hit the VM now and will get stopped at the cloud provider's edge).

        fbartelsF necrevistonnezrN 2 Replies Last reply
        0
        • girishG girish

          @mehdi I wasn't sure if it's worth the effort because most VPS providers these days have a firewall in their control panel (which is better than iptables since packets won't even hit the VM now and will get stopped at the cloud provider's edge).

          fbartelsF Offline
          fbartelsF Offline
          fbartels
          App Dev
          wrote on last edited by
          #17

          @girish adguard itself actually also has a whitelist feature for ips it will reply to. But that would even be one level further down from the effectiveness of iptables.

          girishG 1 Reply Last reply
          1
          • fbartelsF fbartels

            @girish adguard itself actually also has a whitelist feature for ips it will reply to. But that would even be one level further down from the effectiveness of iptables.

            girishG Offline
            girishG Offline
            girish
            Staff
            wrote on last edited by
            #18

            @fbartels you are right! It's under DNS setings.

            e0eac1f0-568c-4f19-93e9-c1b1866e33ea-image.png

            fbartelsF 1 Reply Last reply
            0
            • girishG girish

              @fbartels you are right! It's under DNS setings.

              e0eac1f0-568c-4f19-93e9-c1b1866e33ea-image.png

              fbartelsF Offline
              fbartelsF Offline
              fbartels
              App Dev
              wrote on last edited by
              #19

              @girish afaik all settings are stored in an ini file. Maybe it could be auto setup only for the internal network towards the app containers?

              marcusquinnM 1 Reply Last reply
              2
              • fbartelsF fbartels

                @girish afaik all settings are stored in an ini file. Maybe it could be auto setup only for the internal network towards the app containers?

                marcusquinnM Offline
                marcusquinnM Offline
                marcusquinn
                wrote on last edited by
                #20

                @fbartels 2nd this!

                Web Design https://www.evergreen.je
                Development https://brandlight.org
                Life https://marcusquinn.com

                1 Reply Last reply
                0
                • girishG girish

                  @mehdi I wasn't sure if it's worth the effort because most VPS providers these days have a firewall in their control panel (which is better than iptables since packets won't even hit the VM now and will get stopped at the cloud provider's edge).

                  necrevistonnezrN Offline
                  necrevistonnezrN Offline
                  necrevistonnezr
                  wrote on last edited by
                  #21

                  @girish said in AdGuard - Network-wide ads & trackers blocking DNS server:

                  @mehdi I wasn't sure if it's worth the effort because most VPS providers these days have a firewall in their control panel (which is better than iptables since packets won't even hit the VM now and will get stopped at the cloud provider's edge).

                  Don't forget us bedroom server adminstrators... 🙂

                  mehdiM marcusquinnM 2 Replies Last reply
                  3
                  • necrevistonnezrN necrevistonnezr

                    @girish said in AdGuard - Network-wide ads & trackers blocking DNS server:

                    @mehdi I wasn't sure if it's worth the effort because most VPS providers these days have a firewall in their control panel (which is better than iptables since packets won't even hit the VM now and will get stopped at the cloud provider's edge).

                    Don't forget us bedroom server adminstrators... 🙂

                    mehdiM Offline
                    mehdiM Offline
                    mehdi
                    App Dev
                    wrote on last edited by
                    #22

                    Nor us bare-metal people!

                    1 Reply Last reply
                    2
                    • jimcavoliJ Offline
                      jimcavoliJ Offline
                      jimcavoli
                      App Dev
                      wrote on last edited by
                      #23

                      I'm a big fan of the "belt-and-suspenders" approach to firewalls locally and out in the magical ingress/networking land. Never a bad thing to have more controls or choices over where to manage/place certain controls. Portability is a big thing too, and a lot of the cloud provider firewalls are rather bespoke, with a wide range (or lack) of features.

                      1 Reply Last reply
                      0
                      • necrevistonnezrN necrevistonnezr

                        @girish said in AdGuard - Network-wide ads & trackers blocking DNS server:

                        @mehdi I wasn't sure if it's worth the effort because most VPS providers these days have a firewall in their control panel (which is better than iptables since packets won't even hit the VM now and will get stopped at the cloud provider's edge).

                        Don't forget us bedroom server adminstrators... 🙂

                        marcusquinnM Offline
                        marcusquinnM Offline
                        marcusquinn
                        wrote on last edited by
                        #24

                        @necrevistonnezr @mehdi Haha, innuendo bingo! Only a matter of time before Only Fans stars start using Cloudron to avoid de-platforming issues and cut-out the middle-men.

                        Web Design https://www.evergreen.je
                        Development https://brandlight.org
                        Life https://marcusquinn.com

                        1 Reply Last reply
                        0
                        Reply
                        • Reply as topic
                        Log in to reply
                        • Oldest to Newest
                        • Newest to Oldest
                        • Most Votes


                        • Login

                        • Don't have an account? Register

                        • Login or register to search.
                        • First post
                          Last post
                        0
                        • Categories
                        • Recent
                        • Tags
                        • Popular
                        • Bookmarks
                        • Search