6

HaGeZi Lists and hBlock are added.

I was checking the filters and just saw that the HaGeZi filters that were requested and hBlock is added.

I remember that a lot of people were asking for it and I'm going to test it out to see how it compares to OISD.

I wanted to share it with everyone else so everyone can try it out.

102 replies

null
    • Hey
    • 1 yr ago
    • Reported - view

    As a quick update on HaGeZi filters the Pro one seems to be quite good but still has some FP's like Lightswitch05 and 1HostLite.

    Normal seems to be close to OISD in terms of pure compatibility, I'm going to try running both OISD and HaGeZi Normal to see if I see anything in terms of False Positives but quite an amazing filter, now the second filter in the lists to focus on compatibility.

      • hagezi
      • 1 yr ago
      • Reported - view

      Hey 

      If you find false positives, please report them. I will then see if I can whitelist them for the respective version.
      You can report them on Github, here as a message directly to me or via mail.

      The lists all have a certain strength, the Pro should not contain many false positives. What have you found?

      • Pro Subscriber ✅
      • Jorgen_A
      • 1 yr ago
      • Reported - view

      Ha Ge Zi 

      Tested the blocklists for about a week now...

      The PRO++ is the right level for me. Had to whitelist "insideruser.microsoft.com", but nothing else in my whitelist.

      The PRO was a bit too light and ULTIMATE broke some of my Google/Nest devices.

      • Hey
      • 1 yr ago
      • Reported - view

      Ha Ge Zi I've found a domain that OISD wasn't blocking (at the time) but now they block it too haven't investigated it too much but it's (api.storyly.io) it's used in the Turkish Airlines app, it's basically mini self advertisements such as currently deals and general information about their Miles system and discounts and such.

      I can't say it's worth allowing as I've looked at the Storyly site and they do talk about serving ads through their system.

      So my initial reaction was yeah this is a FP but now they're blocking it too so I've became 50/50.

      • hagezi
      • 1 yr ago
      • Reported - view

      Jörgen 

      insideruser.microsoft.com was unblocked, but I forgot to remove the CNAME: insideruser.trafficmanager.net.
      Thanks for the hint. I have removed it as well.

      Can you tell me what caused the problems with Google/NEST devices in Ultimate? This should not be the case and should be fixed.

      • Pro Subscriber ✅
      • Jorgen_A
      • 1 yr ago
      • Reported - view

      Ha Ge Zi I saw that the domain geller-pa.googleapis.com was blocked and remembered it from when I had issues before with firmware-updates and device drop-outs. Also some "firebase-domains" was causing issues if I remember correct. I can try activating the ULTIMATE for a while and see how my Google/Nest devices likes it now in 2023 :-)

      • hagezi
      • 1 yr ago
      • Reported - view

      Jörgen Please test an report them to me.  Thanks for your support!

      • Pro Subscriber ✅
      • Jorgen_A
      • 1 yr ago
      • Reported - view

      Ha Ge Zi I will try to... Also seeing device-provisioning.googleapis.com is blocked now by ULTIMATE and remember that made issues with drop-outs before.

      • hagezi
      • 1 yr ago
      • Reported - view

      Hey 

      api.storyly.io

      I have looked at this and I think it is safe to whitelist. Full-screen Stories ... that's going to limit a lot of apps. The origin list is this:

      https://github.com/symbuzzer/Turkish-Ad-Hosts
      It got into the 1Hosts lite and oisd via that.

      • hagezi
      • 1 yr ago
      • Reported - view

      Jörgen I fixed all the googleapis things fpr Google/Nest devices in the ULTIMATE. The new version is online in NextDNS.

      • Hey
      • 1 yr ago
      • Reported - view

      Ha Ge Zi Welp, I'll be switching to your Pro filter now because OISD has a false positive that your filter doesn't.

      Thanks for the extremely quick fix for the FP's that were mentioned by us. It's great to use NextDNS with a filter that's as stable and as compatible, hopefully for years to come.

      Thank you for all the work that's put in the filters, it's a great to have a DNS provider that's extremely stable and just works with your filter that has the same behavior, a perfect match.

      • LazJedi
      • 1 yr ago
      • Reported - view

      Ha Ge Zi hi, discords.com false positive. This site is trusted, lists Discord servers.

      • hagezi
      • 1 yr ago
      • Reported - view
    • Chris.6
    • 1 yr ago
    • Reported - view

    I'm using HaGeZi PRO++ without any issues. It blocks twice as much as OISD, with no increase in false positives. OISD itself uses the HaGeZi whitelist (among others) to make itself better, so there will be a big overlap in that whitelisted entries are very similar in OISD and HaGeZi. 

      • Rikkert
      • 1 yr ago
      • Reported - view

      Chris Correct, when I analyse an export of the logs, OISD blocked only 1 url HaGeZi didn't (eu-mobile.events.data.microsoft.com). I'll check again in a week,

    • hagezi
    • 1 yr ago
    • Reported - view

    I take a different approach than the OISD. The OISD is a great list that you can add to, provides good protection, and usually doesn't need any further maintenance. If something causes functionality restrictions somewhere, it goes on the whitelist there as long as it doesn't cause ads to be displayed on multiple pages, for example.
    Nevertheless, unblocking is done here with a sense of proportion. There are almost no false positive domains in OISD. This is the strength of OISD. A disadvantage, thereby e.g. the tracker number 1, google-analytics.com was partially unblocked because on the popular page reuters.com some videos do not start.
    If you don't mind such things and you want a list that doesn't lead to restrictions in any situation, you will make the best choice with OISD. It is a very well maintained list and the maintainer always has an open ear.

    Maintaining such large lists is hard work. One of the main problems is that domains you unblocked a long time ago because they cause functional restrictions on various pages, apps or devices, might be blocked again today because these restrictions no longer exist due to customization. You need to check your whitelist from time to time. That's very time-consuming.

    My approach is different, one example, google-analytics.com for example I would only whitelist if it leads to functional restrictions in mass, but not if it leads to functional restrictions on a handful of pages - the tracker is just too popular for that. And I think it's pretty cheeky to link important site functionality to this top tracker. For this kind of trackers, you actually have to get permission beforehand according to the EU data protection directive, but the directive offers loopholes that are of course used, all a matter of interpretation.

    Through the different list versions and the different degree of aggressiveness of these, I am able to decide what is whitelisted where depending on what restrictions the blocked domain leads to. So every user should have the possibility to find the right list for him. Example, the top tracker number 2 googletagmanager.com it leads to function restrictions on various pages therefore it is unblocked in Light to Pro, but because it is popular and partly used as a bypass for google-analytics.com, it is blocked in Pro++ and Ultimate. There are many examples of this.

    The OISD is a list that must satisfy all user preferences. For more there is the OISD extra, which is unfortunately not available in NextDNS. But it can be combined with the very effective 1Hosts lists, if you don't mind to create your own whitelist.

    Apart from the fact that I don't see my lists as competition for other lists, every user should decide for himself what suits him, a block rate comparison between OISD and PRO PLUS is not meaningful for the reasons mentioned above. Probably the block rate of the LIGHT is higher than the OISD in normal operation, but that is due to my chosen approach.

    I spent months compiling the lists, they are not just lists compiled from different sources using a whitelist. Each list has its own extension, which I compiled individually using the CISCO Umbrella 1M top lists. But, without the sources used, the lists would simply be nothing. The OISD and 1Hosts have a significant part in this.
    I started with the PRO PLUS, I wanted a list with the right balance between aggressiveness and balance. The other versions were then developed from this. For my needs, the perfect list was created with this attempt, the PRO PLUS.

    Kind Regards,
    Gerd

      • Jo_Strasser
      • 1 yr ago
      • Reported - view

      Ha Ge Zi Does it make sense to activate OISD in addition to HaGeZi PRO or NORMAL? If I understand it correctly on Github, the OISD domains are included anyway if you use the NORMAL or higher. Do I understand that correctly?

      • hagezi
      • 1 yr ago
      • Reported - view

      Johannes Strasser yes, oisd is included. But it doesn't hurt to include the oisd list. If you use the light, then be sure to include the oisd.
      From multi it is not necessary.

      • Jo_Strasser
      • 1 yr ago
      • Reported - view

      Ha Ge Zi  great, thanks so much for confirmation. I am using the PRO, so I should be safe ;)

      • Jo_Strasser
      • 1 yr ago
      • Reported - view

      Ha Ge Zi one last question... If I enable both (HaGeZi and OISD): where should I report false positives? To both? What I can see is that OISD is pulling your whitelist but do you do the same in the other direction and can NextDNS handle this in an intelligent way? What do you recommend? Many thanks

      • hagezi
      • 1 yr ago
      • Reported - view

      Johannes Strasser I do not use an OISD whitelist. If you use multiple blocklists, you can see which blocklist has blocked domains in the log. Red "i" or by expanding if the mobile view is used. False positives should of course only be reported to the responsible list maintainer.

      • Jo_Strasser
      • 1 yr ago
      • Reported - view

      Ha Ge Zi good to know, thanks! I tested and compared now both variants but I think I am good to only use yours (PRO) for now because almost all blocks are done by both lists in my case. Thanks for your help! :)

    • mima
    • 1 yr ago
    • Reported - view

    I really like the HaGezi lists. 

    I use the Ultimate-List and I don´t need any whitelist...until now:

    When I open o2online.de , the whole site is just text and some wrong placed images. Normally I will find the "bad" entry in my protocol in my NextDNS account, but this time I failed. Maybe someone here can identify the problem.

Content aside

  • 6 Likes
  • 1 mth agoLast active
  • 102Replies
  • 4457Views
  • 14 Following