DNS-based blocking more complete for your whole network, independent of the device settings for tech-avers users/kids. DNS-based blocking is less flexible for all users in the network - especially when you need to make exceptions for certain sites. They are also limited to your home network, unless you have a VPN server.
Therefore, for mobile devices app-based blocking is the main way to go.
Consequently, both make sense and your use case is relevant.
I’m using the https://rethinkdns.com/ app, which also gives me a firewall. You do not have to use the app though, you can configure a set of blocklists through their webpage, then add that to Private DNS.
For android, you can enable the private DNS function (DNS over TLS) and specify a custom DNS server that has ad/tracker blocking without having to install any apps. That also has the benefit of encrypting your DNS lookups so nobody can spy on it.
I do this but one thing to note is that it can break some wifi capture portals and auth loops, so you might have to disable specified Wi-Fi, connect, and enable. Some wifi has private view DNS records for their capture portal or auth server like clearpass. Additionally, if your phone switches days to WiFi, but you need data to query or resolve your DNS provider and Android doesn’t have it cached, then it can also fail.
DNS-based blocking more complete for your whole network, independent of the device settings for tech-avers users/kids. DNS-based blocking is less flexible for all users in the network - especially when you need to make exceptions for certain sites. They are also limited to your home network, unless you have a VPN server. Therefore, for mobile devices app-based blocking is the main way to go. Consequently, both make sense and your use case is relevant.
You can do DNS based blocking on mobile, I’m doing it right now.
Private DNS FTW!
I’m using the https://rethinkdns.com/ app, which also gives me a firewall. You do not have to use the app though, you can configure a set of blocklists through their webpage, then add that to Private DNS.
Edit:word
I’ve been using NextDNS foe a while. They do similar. I’ll check out rethink though. Always. Open to something different
OK, I was thinking of piHole (+ unbound) as local DNS blocker. Sure, there are other ways. Thanks for clarifying that!
OK, I was thinking of piHole (+ unbound) as local DNS blocker. Sure, there are other ways. Thanks for clarifying that!
There are services like https://nextdns.io/ that makes it super easy to use DNS-based tracker blocking on most devices.
I’ve been using them for over a year and it works very well.
Mullvad also has DNS with different kind of blockers: https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ And for the DNS blocking you don’t need an account.
For android, you can enable the private DNS function (DNS over TLS) and specify a custom DNS server that has ad/tracker blocking without having to install any apps. That also has the benefit of encrypting your DNS lookups so nobody can spy on it.
Or install the open source app AdAway that I guess goes over the DNS block of some servers.
I do this but one thing to note is that it can break some wifi capture portals and auth loops, so you might have to disable specified Wi-Fi, connect, and enable. Some wifi has private view DNS records for their capture portal or auth server like clearpass. Additionally, if your phone switches days to WiFi, but you need data to query or resolve your DNS provider and Android doesn’t have it cached, then it can also fail.