@GossiTheDog Since the authoritative name servers still reply; you can also ask the #DNS resolver administrator to forward requests for queer.af to kiki.bunny.net and coco.bunny.net.
did not know they can control domain names,
is it possible to deny them that request? why did maston comply with them?
@i_have_no_enemies Almost every Internet activity start with a #DNS request. So, DNS is often (ab)used for political goals.
Also, domain names are organized in a tree so if you control a domain (in that case .af), you also control all names underneath.
There are social networks that don't rely on the DNS but they have other issues. In the mean time, take DNS seriously and choose your domain name with care.
The DNS-01 challenge [1] allows for issuing SSL certificates without a publicly routable IP address. It needs API support from your DNS provider to automate it, but e.g. lego [2] supports many services.
I personally leave my Wireguard VPN always on, but as its only routing the local subnet with my services, it doesn’t even appear in my battery statistics.
A must have, if you want to browse the web without ads, trackers, malware and more. There are other browsers you could use, but with #firefox, you can install add-ons to help you mitigate all the tracking and ads. You can even install desktop only add-ons now, and supporting a engine which is not #chromium (controlled by Google) like every other major browser.
There are multiple forks available on the F-droid if you don't want to use plain firefox. This works on desktop too, I recommend #LibreWolf.
My favorite way of blocking ads, you have control over which domain the app can connect. It works like a VPN, but it does not make any outgoing connection. The bad thing is, if you want to use an actual #VPN, you can't have both at the same time and you need to disable your custom DNS.
I recommend to enable in settings > advanced options > block system apps, and individual domains too. When you open the app for the first time, it asks you if you want to block essential request for the apps to work, I recommend to enable this if you don't want apps breaking.
You android vendor may be killing the app, for this reason is necessary to add the app in the list of apps not be optimized by the system. If this issue keeps happening follow the guide from dontkillmyapp.com (advanced)
A DNS works like a translator, computers are good with numbers, but we are not good at memorizing long numbers. Computers communicate with each other using the Internet Protocol (IP), which are pure numbers. For example, your instance #IP is 104.26.8.209 but is easier to us just type lemmy.world.
A DNS is like a table where it has a relationship between keys pointing lemmy.world to 104.26.8.209, so your computer knows where is the computer is trying to connect.
Let's imagine an app is trying to connect to "https://ads-from.company.com", if you are using a DNS which blocks known domain ads it will redirect that request to "0.0.0.0" which is like sending it to a black hole. There are multiple DNS available, which different purposes, for ads, malware, porn, gambling, etc.
Have in mind that these are not full bulletproof protections, one may work better than the other, and can break from time to time. With popular services with ads, like social media, you could use alternative front-ends to their official client or website.
Here is a list of alternative front-ends and an add-on to automatically redirect to them, you have to use it with a browser and you can add as a shortcut to the home screen, better if it works like a #PWAhttps://libredirect.github.io
A few months ago I went on a quest for a DNS server and was dissatisfied with current maintained projects. They were either good at adblocking (Blocky, grimd…) or good at specifying custom DNS (CoreDNS…)....
What you described is correct! How to replicate this will depend heavily on your setup.
In my specific scenario, I make the containers of all my apps use leng as my DNS server. If you use plain docker see here, if you use docker compose you can do:
<span style="color:#323232;">version: 2
</span><span style="color:#323232;">services:
</span><span style="color:#323232;"> application:
</span><span style="color:#323232;"> dns: [10.10.0.0] # address of leng server here!
</span>
Personally, I use Nomad, so I specify that in the job file of each service.
Then I use wireguard as my VPN and (in my personal devices) I set the DNS field to the address of the leng server. If you would like more details I can document this approach better in leng’s docs :). But like I said, the best way to do this won’t be the same if you don’t use docker or wireguard.
If you are interested in Nomad and calling services by name instead of IP, you can see this tangentially related blog post of mine as well <a href=""></a> <a href=""></a>
Here’s an overview of the Let’s Encrypt DNS challenge type in case you haven’t seen it: letsencrypt.org/docs/challenge-types/#dns-01-chal…
Basically, when Traefik goes to request or renew a certificate, Let’s Encrypt tries to look up a special DNS record on your domain so you can prove that the request for the certificate is legit. To make that work, Traefik first hits your DNS provider via API and temporarily inserts that special record so it’s there when Let’s Encrypt performs the lookup for it. In my particular case, I’m using self-hosted PowerDNS and it’s built-in API (configured to only respond via a Wireguard tunnel). But you don’t have to self-host DNS for this to work… Traefik has a long list of supported providers: doc.traefik.io/traefik/https/acme/#dnschallenge
You will basically need to start fresh with a custom rom as google services are deeply ingrained into the standard operating system. Its almost impossible/not worth it even to to to get rid of those once they are installed. You could check first, which custom roms are available for your phone. Graphene, divestos and calyxos are probably the most private roms, but only available on a few models. Lineageos is widely available but will need extra steps to degoogle.
If a custom rom seems like too much hasle your can improve your privacy most easily by choosing a tracker and dns blocking doh/dns sever on android. It only takes minutes.
Android settings -> search for private dns -> chose private dns provider hostname -> doh.mullvad.net
You will basically need to start fresh with a custom rom as google services are deeply ingrained into the standard operating system. Its almost impossible/not worth it even to to to get rid of those once they are installed. You could check first, which custom roms are available for your phone. Graphene, divestos and calyxos are probably the most private roms, but only available on a few models. Lineageos is widely available but will need extra steps to degoogle.
If a custom rom seems like too much hasle your can improve your privacy most easily by choosing a tracker and dns blocking doh/dns sever on android. It only takes minutes.
Android settings -> search for private dns -> chose private dns provider hostname -> doh.mullvad.net
You will basically need to start fresh with a custom rom as google services are deeply ingrained into the standard operating system. Its almost impossible/not worth it even to to to get rid of those once they are installed. You could check first, which custom roms are available for your phone. Graphene, divestos and calyxos are probably the most private roms, but only available on a few models. Lineageos is widely available but will need extra steps to degoogle.
If a custom rom seems like too much hasle your can improve your privacy most easily by choosing a tracker and dns blocking doh/dns sever on android. It only takes minutes.
Android settings -> search for private dns -> chose private dns provider hostname -> doh.mullvad.net
You will basically need to start fresh with a custom rom as google services are deeply ingrained into the standard operating system. Its almost impossible/not worth it even to to to get rid of those once they are installed. You could check first, which custom roms are available for your phone. Graphene, divestos and calyxos are probably the most private roms, but only available on a few models. Lineageos is widely available but will need extra steps to degoogle.
If a custom rom seems like too much hasle your can improve your privacy most easily by choosing a tracker and dns blocking doh/dns sever on android. It only takes minutes.
Android settings -> search for private dns -> chose private dns provider hostname -> doh.mullvad.net
You will basically need to start fresh with a custom rom as google services are deeply ingrained into the standard operating system. Its almost impossible/not worth it even to to to get rid of those once they are installed. You could check first, which custom roms are available for your phone. Graphene, divestos and calyxos are probably the most private roms, but only available on a few models. Lineageos is widely available but will need extra steps to degoogle.
If a custom rom seems like too much hasle your can improve your privacy most easily by choosing a tracker and dns blocking doh/dns sever on android. It only takes minutes.
Android settings -> search for private dns -> chose private dns provider hostname -> doh.mullvad.net
You will basically need to start fresh with a custom rom as google services are deeply ingrained into the standard operating system. Its almost impossible/not worth it even to to to get rid of those once they are installed. You could check first, which custom roms are available for your phone. Graphene, divestos and calyxos are probably the most private roms, but only available on a few models. Lineageos is widely available but will need extra steps to degoogle.
If a custom rom seems like too much hasle your can improve your privacy most easily by choosing a tracker and dns blocking doh/dns sever on android. It only takes minutes.
Android settings -> search for private dns -> chose private dns provider hostname -> doh.mullvad.net
Queer.af mastodon domain has been seized by the Taliban (mastodon.world)
Port forwarding 80 and 443 to NPM
Thinking about port forwarding ports 80 and 443 on my router to my home server, where Nginx Proxy Manager will deal with the incoming request....
What's the point of a reverse proxy and does cloudflare give all the benefits of one?
YouTube can't stop showing me AI deepfake ads (www.spacebar.news)
leng - a fast DNS server with adblocking, built for self-hosting (github.com)
A few months ago I went on a quest for a DNS server and was dissatisfied with current maintained projects. They were either good at adblocking (Blocky, grimd…) or good at specifying custom DNS (CoreDNS…)....
Docker & Reverse Proxies (kbin.social)
Mooching off this other post...
What's your Google Maps open-source replacement?
I imagine certain features like Google Maps’ different busyness indicators might be missing because otherwise that would require telemetry?