3

HaGeZi Lists and hBlock are added.

I was checking the filters and just saw that the HaGeZi filters that were requested and hBlock is added.

I remember that a lot of people were asking for it and I'm going to test it out to see how it compares to OISD.

I wanted to share it with everyone else so everyone can try it out.

21replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • As a quick update on HaGeZi filters the Pro one seems to be quite good but still has some FP's like Lightswitch05 and 1HostLite.

    Normal seems to be close to OISD in terms of pure compatibility, I'm going to try running both OISD and HaGeZi Normal to see if I see anything in terms of False Positives but quite an amazing filter, now the second filter in the lists to focus on compatibility.

    Like 1
      • Ha Ge Zi
      • hagezi
      • 10 days ago
      • Reported - view

      Hey 

      If you find false positives, please report them. I will then see if I can whitelist them for the respective version.
      You can report them on Github, here as a message directly to me or via mail.

      The lists all have a certain strength, the Pro should not contain many false positives. What have you found?

      Like
      • Jörgen
      • Pro Subscriber ✅
      • Jorgen_A
      • 8 days ago
      • Reported - view

      Ha Ge Zi 

      Tested the blocklists for about a week now...

      The PRO++ is the right level for me. Had to whitelist "insideruser.microsoft.com", but nothing else in my whitelist.

      The PRO was a bit too light and ULTIMATE broke some of my Google/Nest devices.

      Like
      • Hey
      • Hey
      • 8 days ago
      • Reported - view

      Ha Ge Zi I've found a domain that OISD wasn't blocking (at the time) but now they block it too haven't investigated it too much but it's (api.storyly.io) it's used in the Turkish Airlines app, it's basically mini self advertisements such as currently deals and general information about their Miles system and discounts and such.

      I can't say it's worth allowing as I've looked at the Storyly site and they do talk about serving ads through their system.

      So my initial reaction was yeah this is a FP but now they're blocking it too so I've became 50/50.

      Like
      • Ha Ge Zi
      • hagezi
      • 8 days ago
      • 1
      • Reported - view

      Jörgen 

      insideruser.microsoft.com was unblocked, but I forgot to remove the CNAME: insideruser.trafficmanager.net.
      Thanks for the hint. I have removed it as well.

      Can you tell me what caused the problems with Google/NEST devices in Ultimate? This should not be the case and should be fixed.

      Like 1
      • Jörgen
      • Pro Subscriber ✅
      • Jorgen_A
      • 8 days ago
      • Reported - view

      Ha Ge Zi I saw that the domain geller-pa.googleapis.com was blocked and remembered it from when I had issues before with firmware-updates and device drop-outs. Also some "firebase-domains" was causing issues if I remember correct. I can try activating the ULTIMATE for a while and see how my Google/Nest devices likes it now in 2023 :-)

      Like
      • Ha Ge Zi
      • hagezi
      • 8 days ago
      • Reported - view

      Jörgen Please test an report them to me.  Thanks for your support!

      Like
      • Jörgen
      • Pro Subscriber ✅
      • Jorgen_A
      • 8 days ago
      • Reported - view

      Ha Ge Zi I will try to... Also seeing device-provisioning.googleapis.com is blocked now by ULTIMATE and remember that made issues with drop-outs before.

      Like
      • Ha Ge Zi
      • hagezi
      • 8 days ago
      • Reported - view

      Hey 

      api.storyly.io

      I have looked at this and I think it is safe to whitelist. Full-screen Stories ... that's going to limit a lot of apps. The origin list is this:

      https://github.com/symbuzzer/Turkish-Ad-Hosts
      It got into the 1Hosts lite and oisd via that.

      Like
      • Ha Ge Zi
      • hagezi
      • 8 days ago
      • 2
      • Reported - view

      Jörgen I fixed all the googleapis things fpr Google/Nest devices in the ULTIMATE. The new version is online in NextDNS.

      Like 2
      • Hey
      • Hey
      • 8 days ago
      • 1
      • Reported - view

      Ha Ge Zi Welp, I'll be switching to your Pro filter now because OISD has a false positive that your filter doesn't.

      Thanks for the extremely quick fix for the FP's that were mentioned by us. It's great to use NextDNS with a filter that's as stable and as compatible, hopefully for years to come.

      Thank you for all the work that's put in the filters, it's a great to have a DNS provider that's extremely stable and just works with your filter that has the same behavior, a perfect match.

      Like 1
      • LazJedi
      • LazJedi
      • 7 days ago
      • Reported - view

      Ha Ge Zi hi, discords.com false positive. This site is trusted, lists Discord servers.

      Like
      • Ha Ge Zi
      • hagezi
      • 7 days ago
      • 1
      • Reported - view
      Like 1
  • I'm using HaGeZi PRO++ without any issues. It blocks twice as much as OISD, with no increase in false positives. OISD itself uses the HaGeZi whitelist (among others) to make itself better, so there will be a big overlap in that whitelisted entries are very similar in OISD and HaGeZi. 

    Like 1
  • I take a different approach than the OISD. The OISD is a great list that you can add to, provides good protection, and usually doesn't need any further maintenance. If something causes functionality restrictions somewhere, it goes on the whitelist there as long as it doesn't cause ads to be displayed on multiple pages, for example.
    Nevertheless, unblocking is done here with a sense of proportion. There are almost no false positive domains in OISD. This is the strength of OISD. A disadvantage, thereby e.g. the tracker number 1, google-analytics.com was partially unblocked because on the popular page reuters.com some videos do not start.
    If you don't mind such things and you want a list that doesn't lead to restrictions in any situation, you will make the best choice with OISD. It is a very well maintained list and the maintainer always has an open ear.

    Maintaining such large lists is hard work. One of the main problems is that domains you unblocked a long time ago because they cause functional restrictions on various pages, apps or devices, might be blocked again today because these restrictions no longer exist due to customization. You need to check your whitelist from time to time. That's very time-consuming.

    My approach is different, one example, google-analytics.com for example I would only whitelist if it leads to functional restrictions in mass, but not if it leads to functional restrictions on a handful of pages - the tracker is just too popular for that. And I think it's pretty cheeky to link important site functionality to this top tracker. For this kind of trackers, you actually have to get permission beforehand according to the EU data protection directive, but the directive offers loopholes that are of course used, all a matter of interpretation.

    Through the different list versions and the different degree of aggressiveness of these, I am able to decide what is whitelisted where depending on what restrictions the blocked domain leads to. So every user should have the possibility to find the right list for him. Example, the top tracker number 2 googletagmanager.com it leads to function restrictions on various pages therefore it is unblocked in Light to Pro, but because it is popular and partly used as a bypass for google-analytics.com, it is blocked in Pro++ and Ultimate. There are many examples of this.

    The OISD is a list that must satisfy all user preferences. For more there is the OISD extra, which is unfortunately not available in NextDNS. But it can be combined with the very effective 1Hosts lists, if you don't mind to create your own whitelist.

    Apart from the fact that I don't see my lists as competition for other lists, every user should decide for himself what suits him, a block rate comparison between OISD and PRO PLUS is not meaningful for the reasons mentioned above. Probably the block rate of the LIGHT is higher than the OISD in normal operation, but that is due to my chosen approach.

    I spent months compiling the lists, they are not just lists compiled from different sources using a whitelist. Each list has its own extension, which I compiled individually using the CISCO Umbrella 1M top lists. But, without the sources used, the lists would simply be nothing. The OISD and 1Hosts have a significant part in this.
    I started with the PRO PLUS, I wanted a list with the right balance between aggressiveness and balance. The other versions were then developed from this. For my needs, the perfect list was created with this attempt, the PRO PLUS.

    Kind Regards,
    Gerd

    Like 4
  • Is it bad to use multiple blocklists? Why not use OISD and HaGeZi? What happens if i use all HaGeZis?

    Like
      • Hey
      • Hey
      • 8 days ago
      • 1
      • Reported - view

      Max Power The NextDNS team says there is no difference between using one or all the filters, so in terms of performance yeah no issues.

      Using less filters is healthier in most cases through filters like HaGeZi and OISD include most of the other filters listed and with the benefits of being far more compatible and set and forget.

      1HostLite is also similar but they block some domains that are serving ads but in my opinion are a bit more dramatic for user experience (googleadservices).

      I personally try to keep my filters simple and only use filters that I've used for a while and that don't have any impact on my experience.

      So long story short, you can technically turn everything on and it wouldn't impact your DNS performance, but the amount of headache and troubleshooting would likely get you back to using filters like the two mentioned.

      Like 1
  • I really like the HaGezi lists. 

    I use the Ultimate-List and I don´t need any whitelist...until now:

    When I open o2online.de , the whole site is just text and some wrong placed images. Normally I will find the "bad" entry in my protocol in my NextDNS account, but this time I failed. Maybe someone here can identify the problem.

    Like 1
Like3 Follow
  • 3 Likes
  • 6 days agoLast active
  • 21Replies
  • 297Views
  • 7 Following