doh-cf-workers
serverless-dns
Our great sponsors
doh-cf-workers | serverless-dns | |
---|---|---|
31 | 56 | |
351 | 1,727 | |
- | 3.7% | |
5.3 | 7.9 | |
2 months ago | 2 months ago | |
JavaScript | JavaScript | |
BSD Zero Clause License | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
doh-cf-workers
-
Cloudflare DNS stopped working totally!
For desktop browser, just change the Secure DNS/DNS over HTTPS settings to one of the servers in https://github.com/curl/curl/wiki/DNS-over-HTTPS, if they're all blocked, create your own with https://github.com/tina-hello/doh-cf-workers. On Android use Intra to load custom DoH, and on iOS use https://dns.notjakob.com/ to create the DoH profile.
-
Public DNS resolver is blocked, way to bypass?
If Cloudflare Workers aren't blocked, you can use https://github.com/tina-hello/doh-cf-workers to forward to it, though it only work with DNS over HTTPS client (most desktop browsers, Windows 11, iOS, macOS, Intra on Android and YogaDNS on older Windows)
-
Ditching Normal DNS for Enhanced Safety: Zero Trust with DNS over HTTPS/TLS
DoH is another game entirely, even if you import the known DoH domains manually, anyone including dedicated kids, can create their own DoH proxy in minutes.
-
Encrypted DNS, what's the point?
Even those who weren't interested in self-hosting might spend a couple of minutes hosting their own DNS proxy since it's much more flexible and don't require root or dedicated port (at least with DoH).
-
Stop devices from using other DNS to bypass AdGuardHome?
While you can in turn block those DoH servers (and probably block port 853 too to stop the default DoT & DoQ traffic), there are ridiculous amount of public DoH servers available, partly because of how easy it is to self-host AGH and expose the DoH endpoint to the public. Anyone can even create their own in minutes.
-
Can't change DNS settings, can ISP block it?
Check if your router support DNS over TLS (DoT) or DNS over HTTPS (DoH), that would ignore the ISP filtering, assuming the ISP doesn't just block port 853 for DoT, or filtering well-known DoH server, in which case just setup your own.
-
Android phones can't connect if I block port 853 on router to stop others bypassing NextDNS
If you don't want to set up AGH at home or at a VPS, accept that the phones need to use the NextDNS/Nebulo/Intra/AdGuard app set to your NextDNS DoH endpoint while you block other providers, though this doesn't actually stop others from using their own/generic NextDNS, or even any provider if their DoH client support bootstrapping. Also, unless it's a seriously fancy router that analyzes traffic statistics, blocking DoH is merely using public list of DoH domains, anyone can create their DoH proxy which won't be blocked. Some routers have SNI filtering which can block websites regardless of the DNS used, but then you need to provide your own blocklist.
-
Subliminal Through Tor?
That's probably SNI filtering, but try other servers from https://adguard-dns.io/kb/general/dns-providers/ and https://github.com/curl/curl/wiki/DNS-over-HTTPS/ just in case, or make your own proxy on https://github.com/tina-hello/doh-cf-workers
-
Zero Trust:Block other DNS over HTTPS/TLS
If you want to go that route, keep in mind the entire Cloudflare Workers and Cloudflare Pages subdomains (workers.dev and pages.dev) can be used as free DoH proxy. Sure you can put the nuclear option, but it would break sites that do use them.
-
Filtering bypass.. I surrender? FEATURE REQUEST INSIDE
A purely DNS-based solution is bound to be easily bypassed, it's really simple to bootstrap the IP so there's no need to even use the network/OS DNS to resolve the custom DoH domain, with hundreds of publicly known DoH and trivial deployment of DoH forwarder you're fighting a losing game.
serverless-dns
-
Thoughts on RethinkDNS. Firewall, Privacy, Ads, all-in-one app for privacy.
sky is a stub resolver, which after stripping out all request information, forwards the dns query to both Cloudflare and Google DoH servers (code), and replies from which ever responds back the fastest. Both the client app and the resolver (server) are open source, so if you find any leaks and know what's up, we're open to changes.
-
Using Cloudflare Gateway as an alternative to Pi-hole to block ads, trackers and other bad domains
There is also https://github.com/serverless-dns/serverless-dns that works on user-configurable list combinations using Cloudflare Workers (100k queries per day), though it can't be integrated with WARP.
-
Logs? Max or Sky?
Max (fly.io) and Sky (cloudflare) are both are no logs. You can examine the code to ascertain this (here) and also check the version of the code we've deployed too (via github actions).
-
Any future plans of adding an ad-blocking DNS server?
You can selfhost your own adblocking server on Cloudflare Workers and edit the upstream, you get Quad9 malware filtering, Cloudflare's nearest servers, and whatever blocking list you want.
-
RethinkDNS
Took us wayyy longer than originally planned, because not only personal life got in the way, we also run our own resolver (open source) maintaining which took away some of our time too. Especially, as the costs were mounting, we couldn't ignore it and had to optimize it as much as we could (which we since have).
-
Encrypted DNS, what's the point?
Even those who weren't interested in self-hosting might spend a couple of minutes hosting their own DNS proxy since it's much more flexible and don't require root or dedicated port (at least with DoH).
-
Meet the triumvirate: rec, sec, and pec
I swear this idea wasn't generated over chats and coffee with GPT3; though, most of the code for this feature was most certainly written by it (commit). Be careful with your reviews of this feature then; you don't want to upset a sentient Optimus Prime AI.
-
NextDNS vs Control D as compared by Control D owner
If you are deploying your own rdns, then logs and analytics are up and running (check the github readme). NRDs and other things will happen as we near launch (in a month or two, perhaps). But we are just 2 developers, and our time is really all spent on the Android app, and not the service...
-
Cloudflare like DNS - Self-hosted or with more privacy
Maybe, this is what you want? https://github.com/serverless-dns/serverless-dns
- Jack Dorsey -Twitter founder- is working on a 1M grant to The Calyx Institute
What are some alternatives?
dnsproxy - Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support
rethink-app - DNS over HTTPS / DNS over Tor / DNSCrypt client, WireGuard proxifier, firewall, and connection tracker for Android.
dns-server-setup - Ansible playbook to easily deploy new, fully configured, DNS servers.
Netguard - A simple way to block access to the internet per app
DoH
Nebulo - Mirror of https://git.frostnerd.com/PublicAndroidApps/smokescreen. Feel free to contribute here as well.
libcurl - A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features
dnscrypt-proxy - dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
Unbound - Unbound is a validating, recursive, and caching DNS resolver.
tracker-control-android - TrackerControl Android: monitor and control trackers and ads.
docker-cloudflared - Cloudflared proxy-dns Docker image
dns66 - DNS-based Host Blocker (and lightweight ad blocker) for Android