Documentation

• 1: User Guide
• 1.1: How to Configure
• 1.1.1: Android
• 1.1.2: iPhone
• 1.1.3: Windows
• 1.1.4: macOS
• 1.1.5: Browser
• 1.2: Advanced Features
• 1.2.1: Blocked Applications List
• 1.2.2: Enhancing CDN Access Speed with ECS
• 1.2.3: DDNS Dynamic Resolution
• 1.2.4: DNS Split Configuration Guide
• 1.2.5: Using Custom Device Names
• 1.2.6: Faster Request Response
• 1.2.7: Setting Up Trusted Service Providers
• 1.3: Privacy Policy
• 2: Feature Description
• 2.1: Web Ad Blocking
• 2.2: Mobile Ad Blocking
• 2.3: Privacy Protection
• 2.4: Malware Interception
• 2.5: Adult Content Blocking
• 2.6: Social Network Interception
• 2.7: Phishing Website Interception
• 2.8: Tracking Interception
• 2.9: Malicious Traffic Interception
• 2.10: Access Request Logs
• 2.11: Statistics
• 2.12: Supported Platforms
• 2.13: Configuration Guide
• 2.14: Open Source Information
• 2.15: Custom Rules
• 2.16: Custom Parsing
• 2.17: Custom Intercept List
• 2.18: Quick Response
• 2.19: Setting Internet Access Schedules
• 3: Cyber City Mansion
• 3.1: How to Prevent Personal Information Leaks and "Doxxing" Risks
• 3.2: Guide to Protecting Personal Online Privacy
• 3.3: Guidelines for Protecting Adolescents' Online Safety
• 3.4: Protecting Seniors from Online Scams
• 3.5: How to Deal with Corporate Network Monitoring
• 4: Basic Tutorial
• 4.1: What is DNS
• 4.2: Basic Principles of AdGuardPrivate Protection
• 5: Frequently Asked Questions
• 5.1: How to Purchase and Use
• 5.2: iOS Device Restore Settings
• 5.3: How to Handle False Interceptions
• 5.4: After-Sales Service Guide
• 5.5: Mini Program Inaccessibility
• 5.6: Slow Access to Some Websites

1 - User Guide

Main Services Provided for a Fee

Basic Features

1. Access Logs
2. Blocking Logs
3. Statistics
4. Custom Upstream
5. Custom Filtering Rules
6. Custom Resolution
7. Whitelist Mode

Advanced Features

1. HTTP3 Support
2. DDNS Support
3. ECS Support
4. Resolution by Traffic Rules
5. Block Specific Applications
6. Schedule

Access Logs

View internet access logs. The private service provides a 24-hour network access log query.

Blocking Logs

View blocking logs to understand which ads are blocked and which websites are blocked.

Statistics

The private service provides 24-hour network access statistics to understand user internet habits.

Statistics will show which websites are visited the most and which websites are blocked the most.

Custom Rules

Create custom rules within the private service to block ads from commonly used applications or allow websites that are not considered ads by the user.

Users may need to view access logs to observe website query records when launching specific applications, in order to add custom rules.

Whitelist Mode

If you need to avoid blocking certain types of websites, you can set whitelist mode, allowing access only to specific websites.

The whitelist has a higher priority than the blacklist; if a website is on the whitelist, it will not be blocked. Users can add commonly used websites to the whitelist to avoid accidental blocking.

Authoritative Resolution

Supports adding authoritative resolution for devices within a company or home, resolving specified names to the IP addresses of home devices, eliminating the need to remember IP addresses.

Users do not need to purchase a domain name or register; they only need to add authoritative resolution rules within the private service.

1.1 - How to Configure

After the paid service expires,

• The service will immediately become invalid, and accessing the backend management address will redirect to the service status inquiry page.
• Personalized settings will be retained for 7 days; if not renewed within 7 days, all data of the service will be completely deleted.
• After the service is completely deleted, the custom domain name will no longer be able to access the service. Please remember to modify your encrypted DNS settings, otherwise you will not be able to access the internet.

Need Help

Send an email service1@adguardprivate.com
Please describe the issue you are experiencing in detail, and we will respond as soon as possible.

1.1.1 - Android

Configuration Steps

Specific setup steps for different brand phones:

Xiaomi/Redmi Phones

1. Open Settings
2. Select Connection & Sharing
3. Click Private DNS
4. Choose Private DNS service provider hostname
5. Enter: {xxxxxxxxxxxxxxxx}.adguardprivate.com

Samsung Phones

1. Open Settings
2. Select Connections
3. Click More connection settings
4. Choose Private DNS
5. Enter: {xxxxxxxxxxxxxxxx}.adguardprivate.com

Note: Please replace {xxxxxxxxxxxxxxxx} with your dedicated DNS server address

Verify Configuration

After configuration:

1. The system will automatically verify the DNS connection status
2. Displaying “Connected” indicates successful configuration

Troubleshooting

If the configuration fails, check:

1. Whether the DNS server address is correct
2. Whether the network connection is normal
3. Whether the account is active

1.1.2 - iPhone

iOS 14 and later versions support native DNS over HTTPS (DoH) and DNS over TLS (DoT) encrypted DNS. You can enable it using the following steps:

1. Open the built-in browser Safari, navigate to the private service backend, Setup Guide -> DNS Privacy
2. Download the configuration file
3. Open the phone Settings
4. Tap General
5. Tap VPN & Device Management
6. Select your dedicated configuration to install

Configuration Demonstration

1.1.3 - Windows

Windows 11

Windows 11 21H2 and later versions support native DNS over HTTPS (DoH). You can enable it using the following steps:

1. Open Settings
2. Open Network & Internet
3. Open Ethernet
4. Find DNS server assignment, click Edit
   1. Select Manual
   2. Enter 120.26.96.167 in the Preferred DNS server IPv4 field, and 2408:4005:3de:8500:4da1:169e:dc47:1707 for the IPv6 address
   3. For DNS over HTTPS (DoH), select: On (Manual template)
   4. Enter https://xxxxxxxxxxxxxxxx.adguardprivate.com/dns-query in the DoH template field, where {xxxxxxxxxxxxxxxx} is your encrypted DNS service username.
   5. Do not check Use unencrypted requests on failure
   6. For the Alternate DNS server, you can optionally enter 223.5.5.5 (Alibaba Cloud Public DNS service), with DNS over HTTPS off, and check Use unencrypted requests on failure.

Windows 10 and Earlier Versions

Windows 10 and earlier versions do not support native encrypted DNS, but if you are using newer browsers like Chrome/Edge or various browsers based on the Chromium engine (such as 360/QQ and other domestic browsers), you can set up DoH encrypted DNS in the browser. Here’s how to set it up in Chrome:

1. Open Chrome browser Settings
2. Open Privacy, search, and services
3. Scroll to Security
4. Enable Use secure DNS to specify how to look up the network address of websites
5. Enter https://xxxxxxxxxxxxxxxx.adguardprivate.com/dns-query in the Choose service provider field, where {xxxxxxxxxxxxxxxx} is your encrypted DNS service username.

For other browsers, please refer to their respective settings, which are generally found under Settings - Privacy - Security.

1.1.4 - macOS

macOS Big Sur and later versions support native DNS over HTTPS (DoH) and DNS over TLS (DoT) encrypted DNS. You can enable it using the following steps:

1. Open the built-in browser Safari, navigate to the private services backend, Settings Guide -> DNS Privacy
2. Download the configuration file
3. Open System Settings
4. Open Privacy & Security
5. Select Profiles
6. Select your dedicated configuration to install

1.1.5 - Browser

Browser versions of Chromium 79+ support DoH. Here are the settings methods for Chromium-based browsers (Chrome/Edge/360/QQ, etc.):

1. Open Chrome browser Settings
2. Open Privacy, search, and services
3. Scroll to Security
4. Enable Use secure DNS to specify how to look up the network address of a website
5. In Choose service provider, enter https://xxxxxxxxxxxxxxxx.adguardprivate.com/dns-query, where {xxxxxxxxxxxxxxxx} is your username for the private encrypted DNS service.

1.2 - Advanced Features

This section will introduce some advanced techniques for using private services.

1.2.1 - Blocked Applications List

It is important to avoid confusion: blacklists are typically used to block ads, privacy intrusions, malware, etc., while the Blocked Applications List is used to completely block the use of specified applications.

This is often used in conjunction with a schedule for personal habit formation to prevent addiction. It is commonly used for habit formation in minors, for example: prohibiting the use of social media and games during study time. It can also be used for self-discipline in adults, for example: prohibiting the use of social media and games during work hours.

This service pre-configures some rules based on popular applications in various countries. Due to changes in popular culture and business developments, these lists may become outdated, but we are committed to ongoing maintenance.

If you find that an application on the list is not fully blocked, or if you need to add a recently popular application, please contact us, and we will address it promptly.

Need Help

Send an email service1@adguardprivate.com
Please describe the issue you are experiencing in detail, and we will respond as soon as possible.

1.2.2 - Enhancing CDN Access Speed with ECS

AdGuard Private supports the ECS feature, providing more precise resolution to optimize your network experience.

Setup method:

What is ECS (Extended Client Subnet)?

ECS (Extended Client Subnet) is a DNS protocol extension that allows the DNS resolver (such as your AdGuard Private server) to pass part of the client’s IP address information to the authoritative DNS server. This enables the authoritative server to provide more accurate DNS responses based on the client’s network location.

How ECS Works

1. Traditional DNS Query: Without ECS, the DNS resolver only sends its own IP address to the authoritative DNS server. This means the authoritative server can only make resolution decisions based on the location of the resolver (usually a data center), which may lead to suboptimal results.

2. DNS Query with ECS Enabled: When ECS is enabled, the DNS resolver includes a part of the client’s IP address (subnet) in the DNS query. For example, if the client’s IP address is 203.0.113.45, the resolver might send 203.0.113.0/24 as ECS information.

3. Response from the Authoritative Server: Upon receiving a query with ECS information, the authoritative DNS server can use this information to select the most suitable IP address for the client. This typically means choosing a server geographically closest to the client.

Advantages of ECS

• Faster Response Times: By directing the client to the nearest server, ECS can reduce latency and improve application response times.
• Improved User Experience: Faster response times can lead to a smoother and more enjoyable online experience.
• More Efficient CDN Usage: Content Delivery Networks (CDNs) can use ECS to direct users to the optimal content server, thereby increasing efficiency and reducing costs.
• Bypassing Local Resolver Limitations: Some local network operators’ DNS servers may have issues, such as incorrect resolution or domain hijacking. Using ECS can bypass these limitations and obtain more accurate resolution results.

Why Use ECS in AdGuard Private?

AdGuard Private, as a private DNS server, can be configured to use upstream DNS servers for domain resolution. When ECS is enabled, AdGuard Private can pass your client subnet information to the upstream server, thereby obtaining more accurate resolution results.

1.2.3 - DDNS Dynamic Resolution

What is DDNS?

DDNS (Dynamic DNS) allows you to bind a fixed domain name to a dynamic IP address, suitable for home broadband users to access internal network devices such as NAS, smart home controllers, etc.

Features

• Easy to Use: Only one script is needed for automatic updates
• No Additional Cost: No need to purchase a domain name
• High Reliability: Relies on Adguard Private’s DNS infrastructure
• Quick Effect: DNS records take effect immediately after update, no need to wait for DNS propagation

Preparation for Use

To use the DDNS feature, you need:

1. A valid Adguard Private service
2. Username and password for the management panel
3. The domain name to be resolved (e.g., nas.home)

DDNS script download:

• Windows
• macOS && Linux

Configuration Steps

1. Gather Necessary Information

You need to prepare:

1. Adguard Private service address, like: https://xxxxxxxx.adguardprivate.com
2. Administrator username and password
3. The domain name to be resolved, like: nas.home

2. Deploy the Update Script

The following script will automatically update the resolution address of the specified domain.

Windows PowerShell

# Download the script
Invoke-WebRequest -Uri https://www.adguardprivate.com/docs/startup/private/tutorial/ddns/update_dns.ps1 -OutFile update_dns.ps1
# Set execution policy (optional, only for the current session)
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process
# Execute the script
.\update_dns.ps1 https://xxxxxxxx.adguardprivate.com admin:password123 nas.home

Linux && MacOS

# Download the script
wget https://www.adguardprivate.com/docs/startup/private/tutorial/ddns/update_dns.sh -O update_dns.sh
# Add execution permission
chmod +x update_dns.sh
# Execute the script
./update_dns.sh https://xxxxxxxx.adguardprivate.com admin:password123 nas.home

Frequently Asked Questions

How to Verify if it’s Effective?

You can check if the resolution correctly points to your current IP address using the ping your-domain.name command.

Or log into the service backend and check the Filter -> DNS Rewrite records.

How to Set Up Scheduled Updates?

Windows Scheduled Task

1. Open Task Scheduler
2. Create a basic task
3. Set the run frequency (recommended 15-30 minutes)
4. Choose PowerShell as the program location, and enter the full command of the script as the argument

Linux Cron Task

Add the following to crontab (execute every 15 minutes):

*/15 * * * * /path/to/update_dns.sh https://xxxxxxxx.adguardprivate.com admin:password123 nas.home

Precautions

• Please keep your username and password safe to avoid leaks
• It is recommended to add the update script to the system’s scheduled tasks for automatic execution
• If the resolution does not take effect promptly, please check the network connection and the validity of the credentials

1.2.4 - DNS Split Configuration Guide

DNS Split Overview

DNS split can significantly enhance the network access experience by distributing resolution requests for different domain names to different DNS servers. A reasonable DNS split configuration can:

• Speed up domain name resolution
• Improve website access stability
• Optimize cross-border access experience
• Avoid DNS pollution issues

Adguard Private Split Configuration

Basic Configuration Example

# Domestic DNS server
223.5.5.5                                    # Ali DNS
2400:3200::1                                 # Ali DNS IPv6
public0.adguardprivate.svc.cluster.local    # Private DNS, mainland upstream

# International DNS server
tls://1.0.0.1                               # Cloudflare DNS
tls://[2606:4700:4700::1001]               # Cloudflare DNS IPv6
public2.adguardprivate.svc.cluster.local    # Private DNS, other upstream

# Split rule example
[/google.com/bing.com/github.com/stackoverflow.com/]tls://1.0.0.1 public2.adguardprivate.svc.cluster.local
[/cn/xhscdn.com/tencentclb.com/tencent-cloud.net/aliyun.com/alicdn.com/]223.5.5.5 2400:3200::1 public0.adguardprivate.svc.cluster.local

List of Domestic ISP DNS Servers

Telecom DNS Servers

Unicom DNS Servers

National Mobile DNS IP

Public DNS IP

Configuration Recommendations

1. Prioritize nearby DNS servers
2. Configure both IPv4 and IPv6 DNS
3. Set up backup DNS for important domains
4. Regularly update split rules
5. Monitor DNS response time

Precautions

• Record original DNS settings before configuration
• Avoid using untrusted DNS servers
• Regularly check if DNS resolution is normal
• Keep the rule list concise and effective

By reasonably configuring DNS split, you can significantly enhance the network access experience. It is recommended to choose appropriate DNS servers and split rules based on actual needs.

References

• List of DNS Servers for Each Province in China
• National Public DNS Query

1.2.5 - Using Custom Device Names

If you directly use the service’s listening address, such as:

• tls://xxxxxxxx.adguardprivate.com
• https://xxxxxxxx.adguardprivate.com/dns-query

The IP shown in the Client Rankings in the backend will be the cluster IP of the load balancer, which is meaningless to users and does not distinguish between different devices.

You can identify different devices by using extended domain names and adding URL paths.

• DoT uses the extended domain name method, such as tls://device1.xxxxxxxx.adguardprivate.com
• DoH uses the method of adding a URL path, such as https://xxxxxxxx.adguardprivate.com/dns-query/device2

Note:

• When setting up on Android devices, you do not need to enter the protocol prefix tls://, just enter device1.xxxxxxxx.adguardprivate.com
• For Apple devices, enter the client ID in the setup guide, download the configuration file to set up, no manual input is required

All devices of a personal service share the service’s query limit of 30 requests per second.

1.2.6 - Faster Request Response

Paid users using AdGuard’s private service have the following DNS request path:

Based on the path, the fastest response scheme can be analyzed.

Local Cache Hit

The fastest response is a local cache hit. Since the local cache is at the memory level, it is very fast, taking only a few microseconds.

This is controlled by the TTL (time to live) value of the DNS response, typically ranging from a few minutes to several hours, indicating that the query result is valid during this time and does not need to be queried again.

You can set the minimum TTL value in Control Panel -> Settings -> DNS Settings -> DNS Cache Configuration -> Override Minimum TTL Value. Increasing this value extends the cache time, allowing the system to use the local cache more often. The typical TTL value is 600 seconds.

However, since this site also has filtering capabilities, if the service you need is mistakenly blocked by ad rules, you won’t be able to access it immediately even if you temporarily disable encrypted DNS, because the local cache result has been modified by the filtering rules. Therefore, setting it to 60 seconds is a safer value, ensuring that in rare cases, users won’t have to wait too long after disabling encrypted DNS due to misblocking.

AdGuard DNS Server

Currently, this site uses Alibaba Cloud servers located in Hangzhou, which can meet the low-latency needs of most users in the eastern region. As the business grows, servers will be added across the country in the future.

Server Cache Hit

By default, 4MB of DNS cache is set for each user, which is sufficient for a household based on experience. Freely modifying this setting may lead to forced termination of user services, and this site has blocked the modification entry for this setting.

Upstream DNS Server

Due to the use of Alibaba Cloud services, the upstream DNS service also uses Alibaba Cloud’s DNS service, which is very fast, typically returning results within a few milliseconds.

Users have three ways to request the upstream DNS server:

1. Load Balancing: This site uses load balancing by default, automatically selecting the fastest server to return results.
2. Parallel Requests: This site currently does not restrict the use of parallel requests.
3. Fastest IP Address: This setting is currently meaningless, and this site has blocked the modification entry for this setting.

Here’s why the Fastest IP Address is meaningless: the fastest IP needs to be chosen by the device actually accessing the service. When the AdGuard service runs in Hangzhou and the user is in Beijing, AdGuard will think the IP address in Hangzhou is the fastest, but in reality, the user’s access to services in Beijing is the fastest. Choosing the Hangzhou IP address would actually increase latency. Therefore, this site has blocked the modification entry for this setting. This setting might be useful in a user’s home network but is meaningless in public services.

Many factors affect network experience, such as server bandwidth, network congestion, server load, and network quality. Choosing the fastest IP address does not guarantee the fastest response speed; latency is just one factor, not the only one. To prevent users from setting it incorrectly and causing a decline in service quality, this site has blocked the modification entry for this setting.

Rule Filtering

The most commonly used mode is the blacklist list, from which users can choose. The blacklist hit uses a hash algorithm, so regardless of the number of rules, the hit time is O(1), and users do not need to worry about the hit time being too long due to a large number of rules.

However, after rule calculation, they are stored in memory, with each user’s service memory usage limited to within 300MB, which can meet the needs of most users. If a user has too many rules, it may lead to insufficient memory, causing the service to restart repeatedly and resulting in service interruption.

This site has temporarily blocked the use of third-party rules to avoid users introducing too many rules. In the future, with better restriction methods, the use of third-party rules will be reopened.

Summary

To achieve faster request responses, users can:

1. Appropriately increase the minimum TTL value to increase the local cache hit rate.
2. Set an appropriate DNS cache size (pre-set value).
3. Choose to create a service in the geographically closest city (awaiting business development).
4. Choose load balancing for no overseas needs; choose parallel requests for overseas needs.
5. Use a blacklist rule that suits you, avoiding introducing too many rules.

1.2.7 - Setting Up Trusted Service Providers

When creating a paid service, the default setting uses faster domestic upstream services, including Ali’s IPv4 and IPv6 as well as DoT services.

Some service providers may have issues with incorrect DNS resolution, directing some overseas websites to the wrong IP addresses, resulting in inaccessibility. A common symptom is a certificate error in the browser.

To avoid resolution errors, you can switch to an upstream service provider like Cloudflare. When using such services, ensure you are using the DoH or DoT protocol to prevent hijacking.

Additionally, you need to disable domestic upstream services, as they are closer and faster, and AdGuard will prioritize them.

To disable an upstream service, simply add a # before the corresponding service IP.

After setting up, you need to test the upstream to ensure the upstream server is available, and then apply the changes.

However, using only overseas services can degrade the access experience for domestic apps, as these apps typically route overseas resolutions to specific external servers, resulting in slower domestic access speeds.

If you only need to avoid resolution errors for commonly used services, you can manually specify a specific resolution address for the domains that are incorrectly resolved, while still using the default domestic upstream services for unspecified domains.

In the AdGuard console, go to Settings -> DNS Settings -> Upstream DNS Servers, and add the domains that are incorrectly resolved in the format [/example1.com/example2.com/]tls://1.0.0.1 to Custom DNS Servers, then click Save Settings.

public2.adguardprivate.svc.cluster.local is our internally provided resolution service that avoids resolution errors, with the upstream set to Cloudflare. Compared to users manually specifying an overseas upstream, it offers faster resolution speeds, at the cost of a slight delay when updating domain resolutions. If you do not have specialized needs, you can use our provided resolution service that avoids errors.

If you need to use external resolution addresses from Cloudflare or Google, you must specify the IP using DoT/DoH. Here are some examples:

#tls://1.1.1.1
tls://1.0.0.1
tls://[2606:4700:4700::1111]
tls://[2606:4700:4700::1001]
tls://[2606:4700:4700::64]
tls://[2606:4700:4700::6400]
https://1.1.1.1/dns-query
https://1.0.0.1/dns-query
https://[2606:4700:4700::1111]/dns-query
https://[2606:4700:4700::1001]/dns-query
#tls://8.8.8.8
#tls://8.8.4.4
tls://[2001:4860:4860::8888]
tls://[2001:4860:4860::8844]
tls://[2001:4860:4860::64]
tls://[2001:4860:4860::6464]
#https://8.8.8.8/dns-query
#https://8.8.4.4/dns-query
#https://[2001:4860:4860::8888]/dns-query
https://[2001:4860:4860::8844]/dns-query

The addresses commented with # are currently blocked by the firewall and temporarily unusable.

Our site fully supports IPv6, which is one of our advantages, allowing the use of IPv6 addresses for upstream services to achieve more stable resolution speeds.

1.3 - Privacy Policy

• AdGuard Private does not collect any information from paying users.
• AdGuard Private does not share any information of paying users with third parties.
• AdGuard Private uses randomly generated usernames and passwords to provide services, with only the payment order number linked to the username, and the payment order number does not involve personal information.
• When initiating consultations via WeChat and email, AdGuard Private will be aware of contact details such as WeChat ID or email address.
• Contact details are used only for service inquiries, and AdGuard Private will not proactively send any promotional information to the obtained contact details.
• AdGuard Private uses tools like Google Analytics for website traffic statistics, but does not collect any personal information.
• AdGuard Private, when troubleshooting user issues, will review the service operation logs of the user’s private service, but will not collect any personal information.

2 - Feature Description

Product Overview

AdGuard Private is a powerful network ad blocking tool focused on providing comprehensive network privacy protection and content filtering services. Through advanced filtering technology, it helps users achieve a safer, faster, and cleaner browsing experience.

Core Features

• Intelligent Encryption Service

  • Supports DoT/DoH encryption protocols
  • High-performance domain name resolution
  • Intelligent caching mechanism

• Comprehensive Ad Blocking

  • Precise ad identification
  • Pop-up and tracker blocking
  • Custom filtering rules

• Privacy Protection

  • Encrypted queries
  • Log recording options
  • Anti-tracking protection

• Advanced Features

  • Real-time statistical analysis
  • Parental control
  • Schedule settings
  • Blacklist and whitelist management
  • Custom rewriting

Please refer to the table of contents on the left for detailed descriptions of each feature.

2.1 - Web Ad Blocking

Basic Principles of Ad Blocking

AdGuardPrivate’s private service uses DNS filtering technology to monitor and analyze network requests in real time. When an ad-related domain request is detected, the system automatically returns an empty address or a local loopback address, effectively blocking the loading of ad content. This method is both efficient and transparent to the user, without affecting the normal browsing experience.

Intelligent Blacklist System

AdGuard employs a multi-tiered blacklist management mechanism:

• Automatic Updates: The system periodically retrieves the latest list of ad domains from trusted sources.
• Categorized Management: Categorized by ads, trackers, malware, etc.
• Performance Optimization: Uses efficient matching algorithms to ensure quick responses.
• Statistical Analysis: Provides detailed interception statistics to help you understand the effectiveness of the protection.

Flexible Whitelist Control

The whitelist feature provides precise access control:

• Access Protection: Only allows access to trusted websites.
• Scenario Customization: Suitable for parental controls and enterprise network management.
• Simple Configuration: Supports import and export for easy management.
• Real-time Effect: Changes take effect immediately, no need to restart the service.

Usage Recommendations

1. Start with the basic blacklist and adjust gradually.
2. Regularly check interception statistics to understand system performance.
3. Add to the whitelist promptly if there is a misblock.
4. Customize filtering rules for special needs.

Technical Details

DNS Filtering Mechanism

• Uses efficient DNS response caching.
• Supports dual-stack filtering for IPv4 and IPv6.
• Millisecond-level local response speed.

Rule Matching

• Precise domain name matching.
• Supports wildcard rules.
• Regular expression matching.

Performance Optimization

• Memory-optimized data structures.
• Concurrent request handling.
• Intelligent caching mechanism.

2.2 - Mobile Ad Blocking

Problem Overview

Many Android devices come pre-installed with adware, which can:

• Display ads at inappropriate times
• Continuously collect user data in the background
• Consume system resources, leading to decreased device performance
• Increase unnecessary network data usage
• Significantly reduce battery life

AdGuard Solution

AdGuard’s private service protects your device by:

• Intercepting network requests from adware
• Preventing malicious tracking activities
• Optimizing device performance
• Extending battery life
• Reducing mobile data usage

2.3 - Privacy Protection

The Relationship Between Privacy and Advertising

Advertisers’ revenue primarily comes from ad conversions. To increase conversion rates, platforms need to:

1. Increase user retention
2. Deliver personalized ads

This requires collecting a large amount of user privacy data. Platforms circumvent legal restrictions through the following methods:

• Complex user agreements
• Data exchange with partners
• Disguised data anonymization

Priority of Privacy Protection

Privacy protection is more important than simply removing ads:

• AdGuard’s Chinese region tracking interception rules (>400,000) far exceed ad rules (<100,000)
• Some platforms have fewer ads but gain more revenue through privacy data

The “Thoughtfulness” Behind Platforms

So-called personalized recommendations are often not truly understanding user needs, but rather marketing strategies of the platforms:

• “You like this” actually means “I want to sell this”
• Behind seemingly thoughtful services is continuous data collection

How to Protect Yourself

Learn “cyber sophistication” — control privacy leaks and avoid being accurately profiled by platforms. AdGuard’s private service can help you achieve this goal.

2.4 - Malware Interception

What is Malware?

Malware is a type of software designed to damage or gain unauthorized access to computer systems. It may:

• Steal personal information and sensitive data
• Disrupt system functionality and files
• Encrypt data for ransom
• Add devices to botnets

How Malware Spreads

Hackers typically spread malware through the following methods:

• Disguised as legitimate software download links
• Attachments in phishing emails
• Websites with vulnerabilities
• Infected advertisements

How AdGuard Protects You

AdGuard’s private service provides comprehensive malware protection:

• Intercepts known malware download links
• Blocks communication between malware and control servers
• Identifies and prevents suspicious data leaks
• Regularly updates the malware signature database

It is recommended that you also take other security measures, such as timely system and software updates, and cautious downloading and opening of attachments.

2.5 - Adult Content Blocking

Overview of Features

AdGuard Private Service employs a multi-layered content filtering mechanism that can effectively identify and intercept:

• Pornographic and adult content websites
• Violent content
• Gambling-related websites
• Other harmful information

How It Works

The system achieves content interception through the following methods:

1. DNS-level Interception: Blocks domain name resolution of known harmful websites
2. Intelligent Categorization: Based on a classification system from multiple trusted data sources
3. Real-time Updates: Regularly updates interception rules to ensure protection effectiveness

Configuration Guide

Basic Settings

Add the list to the filter blacklist Link

Advanced Options

• Custom Rules: Add specific websites to the interception list
• Exception Management: Set a whitelist to avoid false positives
• Access Logs: View interception records

Use Cases

• Home Protection: Create a safe internet environment for minors
• Corporate Management: Ensure employees access websites that meet work requirements
• Public Places: Suitable for libraries, schools, and other public networks

Notes

1. It is recommended to use in conjunction with parental control features
2. Regularly check and update filtering rules
3. If false positives are found, add them to the whitelist promptly
4. In case of bypassing interception, submit feedback

2.6 - Social Network Interception

Risks of Social Network Tracking

Social network platforms collect user data in various ways:

• Social plugins and share buttons
• Embedded content and widgets
• Third-party cookies and trackers
• Cross-site user behavior analysis

How AdGuard Protects You

AdGuard’s private service protects your privacy in the following ways:

• Intercepts social media trackers
• Blocks unauthorized data collection
• Filters social network ads
• Prevents user profiling analysis

Recommended Usage

1. Enable social network filters
2. Regularly check interception logs
3. Set up a whitelist as needed
4. Keep filter rules updated

By following these measures, you can continue to use the core features of social networks while protecting yourself from unnecessary tracking and data collection.

2.7 - Phishing Website Interception

What is a Phishing Website?

A phishing website is a fraudulent site that masquerades as a legitimate one to obtain users’ personal information, account passwords, and other sensitive data. These sites typically mimic:

• Banks and payment platforms
• Social networks
• E-commerce websites
• Government agency websites

Main Hazards

• Stealing user accounts and passwords
• Theft of bank card and payment information
• Spreading malware
• Causing personal privacy breaches
• Resulting in financial losses

How AdGuard Protects You

AdGuard’s private service provides protection through the following methods:

1. Real-time checking of URL safety
2. Intercepting known phishing websites
3. Blocking malicious domain resolution
4. Providing safe browsing alerts

Safety Usage Recommendations

• Enable AdGuard’s phishing protection feature
• Pay attention to the authenticity of URL addresses
• Do not click on links from unknown sources
• Regularly update AdGuard’s rule database

2.8 - Tracking Interception

What is Tracking?

Tracking is the act of websites and applications collecting user data. Common tracking methods include:

• Cookie tracking
• Web pixels (Tracking Pixels)
• Browser fingerprinting
• Device identifier collection
• Behavioral analysis scripts

The Impact of Tracking

Tracking can have the following negative effects:

• Infringement on user privacy, exposing personal behavior data
• Increased network traffic consumption
• Reduced device battery life
• Impact on page load speed

How AdGuard Protects You

AdGuard’s private service comprehensively protects your privacy in the following ways:

• Intelligent identification and interception of tracking requests
• Blocking third-party cookies
• Removing tracking parameters
• Shielding common analytics scripts

By using AdGuard, you can enjoy a safer, faster, and more energy-efficient online experience.

2.9 - Malicious Traffic Interception

Malicious Traffic Interception

Problem Background

During your daily internet use, you may encounter the following security risks:

• ISP DNS hijacking, directing you to fake websites
• Public WiFi hotspots injecting ad content
• Man-in-the-middle attacks altering webpage content
• Unencrypted traffic being monitored and hijacked

Solution

Through the following technical measures, we can effectively protect against these threats:

1. Enable encrypted DNS queries
2. Use HTTPS encrypted connections
3. Establish private secure channels
4. Monitor abnormal traffic in real-time

These protective measures can ensure your network access is safe and reliable, preventing various types of malicious hijacking and content tampering.

2.10 - Access Request Logs

Complete Access Request Logs

Access request logs provide the following detailed information:

• Time: The specific time when the request occurred
• Client: The IP address of the device that initiated the request
• Request Target: The domain name or IP address accessed
• Response Status: The result of the request processing
• Filtering Rules: The triggered filtering rules (if any)

You can use the search box to filter logs by domain name, IP, or rule name. Logs are retained by default for 3 days.

Request Domain Rankings

Domain access statistics show:

• The most frequently accessed domains
• The number of requests for each domain
• The generated upstream and downstream traffic
• The most recent access time

Supports sorting by number of requests or traffic size, helping you identify frequently visited websites.

Intercepted Domain Rankings

Interception statistics display:

• List of intercepted domains
• Statistics on the number of interceptions
• Triggered filtering rules
• Most recent interception time

You can directly in the list:

• Add mistakenly intercepted domains to the whitelist
• View the specific rules that caused the interception
• Export statistical data for analysis

2.11 - Statistics

DNS Query Statistics

AdGuard’s private service provides detailed DNS query statistics analysis, helping you better understand network usage.

Request Domain Rankings

The statistics include:

• Frequency of domain visits
• Number of requests per domain
• Trends by time period
• Support for search and filtering

Interception Record Analysis

Detailed display:

• List of intercepted domains
• Details of interception rule matches
• Explanation of interception reasons
• Record of interception times

Data Application

Statistics can help you:

• Identify potential security threats
• Optimize ad filtering rules
• Analyze network usage habits
• Adjust network access policies

2.12 - Supported Platforms

Supported Protocols

AdGuardPrivate private service supports the following encrypted DNS protocols:

• DoT (DNS over TLS) - DNS queries encrypted via TLS
• DoH (DNS over HTTPS) - DNS queries encrypted via HTTPS

Supported Platforms

Windows 11

• Supports system-level DoH configuration
• Configured through Settings->Network & Internet->DNS server

macOS (Big Sur and above)

• Supports system-level DoH/DoT configuration
• Can be configured through System Preferences->Network

iOS (14.0 and above)

• Supports system-level DoH/DoT configuration
• Can be configured in Settings->General->VPN & Device Management

Android (9.0 and above)

• Supports system-level private DNS (DoT)
• Configured in Settings->Network & Internet->Private DNS

Browser Support

• Chrome/Edge/Brave: Supports DoH
• Firefox: Supports DoH/DoT
• Safari: Follows system DNS settings

For detailed configuration instructions, please refer to the specific configuration guides for each platform.

2.13 - Configuration Guide

Quick Start

AdGuardPrivate private service adopts a “plug-and-play” design concept:

• Pre-configured optimized settings
• Intelligent rule management
• Automatic updates and maintenance

Configuration Methods

Encrypted Connection Options

Two secure encryption methods are provided:

1. TLS Encryption

   • Higher performance
   • Suitable for mobile devices
   • Supports DNS-over-TLS

2. HTTPS Encryption

   • Wider compatibility
   • Suitable for browsers
   • Supports DNS-over-HTTPS

Device Configuration Guide

Browser Configuration

• Link: https://xxxxxxxxxxxxxxxx.adguardprivate.com/dns-query
• Supports all major browsers
• No additional plugins required

Android Devices

• Server: xxxxxxxxxxxxxxxx.adguardprivate.com
• Supports system-level settings
• Compatible with third-party DNS apps

iOS Devices

• Provides a dedicated configuration profile
• Supports system-level settings
• Automatically configures required parameters

Advanced Settings

Custom Rules

• Supports importing custom filtering rules
• Can set rule priority
• Supports regular expressions

Performance Optimization

• DNS cache settings
• Response timeout configuration

2.14 - Open Source Information

This project is derived from an open source project and follows the same open source license GPL-3.0.

• Source Repository: https://github.com/AdGuardTeam/AdGuardHome
• Fork Repository: https://github.com/AdGuardPrivate/AdGuardPrivate

2.15 - Custom Rules

AdGuard Private supports multiple custom rule formats, allowing you to configure flexibly as needed. Here are common rule formats and examples:

Advanced Usage

• You can use multiple rules in combination
• Rule priority: Whitelist > Blacklist > DNS Redirection
• Supports importing third-party rule lists

For more details, please refer to the AdGuard Home Hosts Blocklists documentation.

2.16 - Custom Parsing

Feature Introduction

Custom parsing allows you to:

• Configure custom domain names for LAN devices
• Implement private domain name resolution
• Access intranet services securely and conveniently

Application Scenarios

Network Device Access

• NAS device: nas.home → 192.168.1.100
• Router: router.home → 192.168.1.1
• Printer: printer.home → 192.168.1.200

Development and Testing Environment

• Local service: api.local → 127.0.0.1
• Testing environment: test.local → 192.168.1.50
• Container: redis.local → 172.17.0.2

Configuration Instructions

Basic Syntax

Domain name Record type Target address
home A 192.168.1.2
*.home A 192.168.1.2

Supported Record Types

• A record: IPv4 address resolution
• AAAA record: IPv6 address resolution
• CNAME record: Domain name alias

Security Features

• Effective only on configured devices
• Does not leak intranet IP addresses
• Supports wildcard domain configuration
• Takes effect in real-time, no restart required

Usage Recommendations

1. Choose intuitive domain name naming
2. Recommend using suffixes like .home
3. Record changes in intranet IP addresses
4. Regularly check parsing configurations

2.17 - Custom Intercept List

Function Overview

The custom intercept list provides:

• Precise domain interception control
• Flexible rule import and export
• Real-time effective update mechanism
• Convenient list management interface

Supported List Formats

Standard Format

||example.com^
||ads.example.com^

Mainstream Subscription Sources

• AdGuard format
• HOSTS format
• Domain format

System Pre-installed Lists

We provide the following optimized lists:

• Mobile Manufacturer Ad Blocking: Specifically targets ads from various brand mobile systems
• General Ad Blocking: Covers common ad networks
• Privacy Protection: Prevents trackers and data collection

Usage Recommendations

1. List Selection

   • Add lists from trusted sources
   • Avoid adding duplicate rules
   • Regularly update rule sources

2. Performance Optimization

   • Control the number of lists
   • Remove invalid rules
   • Monitor interception effects

3. Troubleshooting

   • Record interception logs
   • Verify rule syntax
   • Handle misinterceptions promptly

2.18 - Quick Response

Quick Response

AdGuardPrivate private service uses a high-performance server cluster to provide users with an extremely fast network access experience. The following methods are used to achieve superior performance:

Optimized Network Architecture

• Dedicated server deployment
• Optimized network routing
• Reduced intermediate nodes
• Low-latency connections

Technical Advantages

• High-performance caching system
• Intelligent DNS resolution
• Load balancing
• Fast failover

Performance Improvement

• Significantly reduced access latency
• Increased webpage loading speed
• Optimized DNS query time
• Enhanced overall browsing experience

2.19 - Setting Internet Access Schedules

Feature Introduction

AdGuard Private Service provides flexible internet access schedule management, helping parents better manage their children’s internet time. You can set independent internet rules for different devices, ensuring healthy internet use for your family.

Setup Method

1. Log in to the AdGuard Private Service management interface
2. Go to Filters -> Blocked Services
3. Click on the “Internet Access Schedule” option
4. Set the time periods for allowed or prohibited internet access

Usage Recommendations

• Set internet access times that align with school schedules for school-age children
• You can set different strategies for weekdays and weekends
• It is recommended to set a uniform bedtime restriction period

Notes

• Changes to settings take effect immediately
• Time period settings can be adjusted at any time
• Supports temporary lifting of restrictions

3 - Cyber City Mansion

3.1 - How to Prevent Personal Information Leaks and "Doxxing" Risks

Beware of Risks from Piecing Together Fragmented Information

In the internet era, personal information exists in fragmented forms across various platforms and services. Many people believe that leaking bits of information is inconsequential. However, the online environment is not absolutely safe, and individuals with malicious intent can collect and integrate these fragmented pieces to create a complete personal profile. Even the simplest search engine can be used for information gathering.

Taking a certain social platform as an example, while users share snippets of their lives, they may inadvertently expose personal information. For instance, some users enjoy publicly discussing the meaning and usage scenarios of passwords, which undoubtedly increases the risk of password cracking.

The principles of social engineering tell us that meaningful strings often appear repeatedly in multiple places. A unique username or an easily remembered password is likely to be reused by users across different platforms, becoming a common pathway for internet information leaks.

Reduce Account Association to Protect Personal Identity

For the average internet user, if there is no need to build a personal brand, it is recommended to use randomly generated usernames and passwords to minimize the association between accounts on different platforms.

It should be noted that using different account passwords alone is not enough to completely eliminate account association. If similar or identical content is posted across different platform accounts, it may still be possible to identify the association.

Common Types of Sensitive Information

Here are some common types of sensitive information that require special attention to protect:

• Passwords
• Usernames
• Profile pictures
• Birthdays
• Addresses
• Phone numbers
• Email addresses
• QQ numbers
• WeChat IDs
• Personal websites
• Geographic locations
• Photos

Some criminals use “social engineering databases” to integrate personal information leaked from different channels. For example, if information leaked from two different platforms contains the same phone number, it can be highly suspected that these two pieces of information belong to the same person.

Even if usernames and photo styles from different platforms are vastly different, they may still be linked through social engineering databases, ultimately forming a complete personal information file.

This is not an exaggeration but a common application scenario of social engineering databases. The threshold for using social engineering databases for information collection and “doxxing” is not high, and even minors can easily master it.

Enhance Cybersecurity Awareness to Protect Personal Privacy

While the internet brings people closer together, it can also exacerbate the distance between them. Social platforms provide a space for communication but may also make people feel more isolated.

In the online world, we yearn to express ourselves and find resonance, but we also need to remain vigilant and protect our personal privacy.

When interacting with strangers online, there is no need to disclose personal information in detail. Be cautious in speech and action, maintain restraint, enjoy solitude, and improve oneself to navigate the online world with ease.

Recommendations:

• Regularly check and update your passwords to ensure they are strong enough.
• Avoid using the same account passwords across different platforms.
• Be cautious when sharing photos and updates that contain personal information.
• Use tools like AdGuardPrivate to protect your DNS queries and prevent DNS leaks.
• Stay informed about the latest cybersecurity trends and promptly learn about new threats and prevention methods.

3.2 - Guide to Protecting Personal Online Privacy

Why Protect Online Privacy?

In the digital age, every online activity can leave a trace:

• Browsing history is tracked
• Personal preferences are analyzed
• Location information is collected
• Social relationships are mapped

Basic Protection Measures

1. Browser Configuration

• Use private browsing mode
• Disable third-party cookies
• Enable “Do Not Track” feature
• Regularly clear browsing data

2. Search Engine Selection

• Use anonymous search engines (like DuckDuckGo)
• Avoid searching sensitive content while logged in
• Use multiple search engines for cross-verification

3. DNS Encryption Protection

• Enable DNS-over-HTTPS
• Use private DNS services
• Avoid default DNS servers

Advanced Protection Strategies

1. Network Access Protection

• Use trusted services
• Enable HTTPS-Only mode
• Avoid using public Wi-Fi

2. Ad Tracking Protection

• Install ad blockers
• Use content filters
• Turn off personalized ad options

3. Social Media Privacy

• Review privacy settings
• Limit sharing of personal information
• Turn off location services
• Be cautious with third-party logins

Daily Use Recommendations

Reduce Digital Footprint

• Use temporary email services
• Avoid registering with real names
• Use different passwords on different platforms
• Regularly check authorized applications

Prevent Privacy Leaks

• Use password managers
• Enable two-factor authentication
• Encrypt important files
• Be cautious when installing new apps

Precautions

• Use privacy protection tools reasonably
• Comply with local laws and regulations
• Keep software updated
• Cultivate privacy protection awareness

Complete anonymity is difficult to achieve, but these measures can significantly enhance personal privacy protection. Choose the protection measures that suit you, finding a balance between convenience and security.

3.3 - Guidelines for Protecting Adolescents' Online Safety

Challenges in the Online Environment for Modern Adolescents

In the digital age, adolescents face unprecedented online challenges:

• Vast amounts of information of varying quality
• Limited ability to identify online risks
• Easily attracted to harmful content
• Lack of self-management awareness

Intelligent Protection Solutions

1. Application Access Management

Features:

• Precise control over accessible applications
• Prevent installation of inappropriate software
• Protect personal information security

2. Time Management System

Functions:

• Set reasonable usage periods
• Prevent internet addiction
• Foster good sleep habits

3. Behavior Monitoring and Guidance

Access Record Analysis

Uses:

• Understand online behavior patterns
• Timely identify potential risks
• Provide targeted guidance and communication

Intelligent Interception Settings

Customizable:

• Content rating filtering
• Personalized protection rules
• Dynamic adjustment of strategies

Parental Guidance Suggestions

Beyond protective measures, good family education is even more important:

• Have open conversations with children about internet use
• Cultivate independent thinking and judgment skills
• Establish a trusting communication mechanism
• Gradually relax controls

Technological means are auxiliary tools; education and guidance are fundamental. Use control tools appropriately while focusing on cultivating adolescents’ internet literacy and self-management abilities.

3.4 - Protecting Seniors from Online Scams

Online Risks Faced by Seniors

In today’s society, seniors are facing increasingly serious cybersecurity threats. The following characteristics make them a high-risk group for online scams:

• Not proficient in operating smartphones
• Lack of awareness and prevention of online scams
• Less exposure to cybersecurity-related information
• Easily trust unverified software download links

Technical Protection Solutions

AdGuard Security Protection

AdGuard provides professional malware interception functionality:


This solution has the following advantages:

• Runs in the cloud, no need to install additional applications
• Zero system resource consumption
• Simple configuration and not easily misoperated
• Automatic continuous protection

Practical Effects

After a year of practice, we have observed significant improvements:

• Significantly reduced requests for “phone cleaning” assistance
• Enhanced daily usage experience
• Reduced phone usage frustrations

Comprehensive Protection Strategy

While technical measures are important, comprehensive protection also requires:

• Regular companionship and communication to understand usage difficulties
• Patiently explaining basic cybersecurity knowledge
• Staying vigilant and promptly identifying potential threats

Technology is a tool, but care is the foundation. Regular companionship and patient guidance are the best ways to protect seniors from online risks.

3.5 - How to Deal with Corporate Network Monitoring

The Evolution of Corporate Network Monitoring

The monitoring methods of modern enterprises have shifted from traditional physical monitoring (such as cameras, on-site inspections, etc.) to more sophisticated digital monitoring systems. This transition makes monitoring more covert and cost-effective.

Common Network Monitoring Methods

One of the core methods of corporate network monitoring is tracking through DNS servers. The specific implementation methods include:

1. Deploying dedicated DNS servers within the corporate network
2. Forcing the use of corporate DNS through DHCP services
3. Establishing a correspondence between IP addresses and workstations

The Technical Principles of Monitoring

Even today, with the widespread use of HTTPS, DNS queries are still transmitted in plain text. This means:

• All domain name resolution requests will be recorded
• Although the specific content accessed cannot be seen, the domain names of the websites visited can be known
• Combined with timestamps, employee internet behavior patterns can be analyzed

Solutions for Protecting Personal Privacy

To reasonably protect personal privacy, consider the following solutions:

• Use personal mobile networks
• Configure private DNS services
• Use secure VPN services

Please note: When taking any privacy protection measures, one should comply with relevant laws and regulations and corporate policies.

4 - Basic Tutorial

📚 Reading Guide

To make network knowledge easier to understand, this tutorial will use a lot of metaphors and analogies from everyday life. Our goal is to make it easy for everyone to grasp the basics of networking, regardless of technical background. While these metaphors may not be precise, they will help you quickly establish a basic understanding of network concepts.

Introduction to Network Basics

In this tutorial, we will explain the basics of networking through vivid metaphors and analogies. Our goal is to make it easy for everyone to grasp these concepts, regardless of technical background. While these metaphors may not be precise, they will help you quickly establish a basic understanding of network concepts.

Unlike rigorous technical terms, this section will use a lot of colloquial expressions to help non-professionals understand the basic concepts of networking.

We will use a lot of appropriate or inappropriate metaphors and analogies with the aim of helping readers quickly understand the basic concepts of networking.

4.1 - What is DNS

Essentially, the DNS service is like a Xinhua dictionary. By querying the dictionary, we can find the IP address corresponding to a domain name.

Introduction to DNS

DNS (Domain Name System) is one of the infrastructures of the internet, like a Xinhua dictionary, responsible for converting human-readable domain names into computer-understandable IP addresses.

How DNS Works

When you enter a URL in your browser:

1. The browser first checks the local cache
2. If not found, it sends a query to the DNS server
3. The DNS server returns the corresponding IP address
4. The browser uses this IP address to access the target website

Key Concepts

• Domain Name: The readable address of a website, such as www.adguardprivate.com
• URL (Uniform Resource Locator): The complete web address, including protocol, domain name, and path, such as https://www.adguardprivate.com
• IP Address: The numerical identifier of a network device, such as 1.1.1.1
• DNS Server: A computer that provides domain name resolution services
• Website Hosting: Storing website files on a server to make them accessible via the internet

4.2 - Basic Principles of AdGuardPrivate Protection

Overview of How It Works

AdGuardPrivate protects your network security and privacy through DNS-level interception. It acts like an intelligent gatekeeper, screening all domain requests:

• ✅ Safe websites: Normal access
• ❌ Ad domains: Blocked
• ❌ Trackers: Blocked
• ❌ Malicious websites: Blocked

Interception Process Diagram

Key Features

1. DNS-level Interception: Intercepts before the request occurs, more efficient
2. No Need for Plugins: Network-level protection, effective for all devices
3. Low Resource Consumption: Only processes DNS requests, minimal impact on device performance
4. Coverage for All Devices: One configuration protects all connected devices

5 - Frequently Asked Questions

Thank you for choosing AdGuard Private! We are always committed to providing you with the best service:

• Feel free to provide us with your usage experience and suggestions at any time
• We prioritize privacy protection
• No registration required, no collection of phone numbers or email addresses
• No marketing interruptions of any kind

Need Help

Send an email service1@adguardprivate.com
Please describe the issue you are experiencing in detail, and we will respond as soon as possible.

5.1 - How to Purchase and Use

Purchase and Use

5.2 - iOS Device Restore Settings

If you encounter misinterception issues on your iOS device, you can restore the original DNS settings using the following two methods.

Method One: Temporarily Disable DNS Encryption

This method is suitable for temporarily testing whether the issue is caused by DNS settings:

1. Open the Settings app
2. Go to General > VPN & Device Management
3. Find the DNS option under the Access Restrictions and Proxy section
4. Select Automatic to temporarily restore the system default settings

Method Two: Completely Remove Configuration

To completely remove DNS encryption settings:

1. Open the Settings app
2. Go to General > VPN & Device Management
3. Find public.adguardprivate.com DoT under Configuration Profiles
4. Click Remove Profile and confirm

If you decide to permanently stop using AdGuard Private, it must be because our service has caused you a bad experience, and we are very sorry for the inconvenience caused. The public service uses popular interception rules, and due to limited manpower, we cannot be aware of all app misinterceptions or missed interceptions. If you wish to customize rules to meet personalized needs, you can consider purchasing private services, which offer dedicated services at a very high cost-performance ratio to meet various needs.

Configuration Demonstration

5.3 - How to Handle False Interceptions

Some services are considered necessary by some users but viewed as personal data collection or advertising by others. For example, within WeChat and Alipay, some mini-programs that mix services and advertisements may not function properly, and payment redirections such as those for parking lots or vending machines may not work correctly.

If the interception rules are set too strictly, these services may be blocked, causing service malfunctions.

Temporarily Disable Protection

If you need an urgent, temporary solution, you can resolve it by temporarily disabling protection. It usually takes effect within 10 seconds.

Add Services to the Whitelist

For services that you use long-term, you can add them to the whitelist to prevent them from being intercepted again. It usually takes effect within 10 seconds.

Temporarily Disable Settings

Public service users can resolve the issue by temporarily disabling the service. It usually takes effect within 60 seconds.

5.4 - After-Sales Service Guide

Service Features

We adopt a no-registration design to protect user privacy:

• No need for users to register an account
• No collection of personal information
• Service voucher obtained immediately after payment
• Completely anonymous service experience

Service Content

1. Technical Support

   • Installation and configuration guidance
   • Troubleshooting assistance
   • Consultation on feature usage

2. Service Assurance

   • 24/7 fault response
   • Service availability assurance
   • Rule update maintenance

Contact Methods

WeChat Support

• WeChat ID: adguard6688
• Service hours: Weekdays 9:00-18:00
• Response time: Usually within 2 hours

Email Support

• Email: service1@adguardprivate.com
• Email subject: Please specify “AdGuard Service”
• Response time: Within one business day

Service Voucher

After purchase, you will receive:

• Management backend access link
• Exclusive username and password
• Configuration guide document

Privacy Protection

We value user privacy:

• No collection of user personal information
• No sending of marketing emails and text messages
• Strict adherence to Privacy Policy

5.5 - Mini Program Inaccessibility

If the interception rules are set too strictly, they may block some normal services, causing service operation abnormalities.

Temporarily Disable Protection

If you need an urgent, temporary solution, you can resolve it by temporarily disabling protection. It usually takes effect within 10 seconds.

Add Service to Whitelist

For services that are used long-term, you can add the service to a whitelist to prevent it from being blocked again. It usually takes effect within 10 seconds.

Temporarily Disable Settings

Public service users can resolve the issue by temporarily disabling the service. It usually takes effect within 60 seconds.

5.6 - Slow Access to Some Websites

Slow Access to Some Video Websites

If you find that accessing certain websites is slow when using AdGuardPrivate, it may be due to the following reasons:

ECS Support:

The free version of AdGuardPrivate does not support ECS (Extended Client Subnet) functionality. ECS is a DNS protocol extension that allows DNS servers to provide more accurate DNS responses based on the client’s network location. Many CDNs (Content Delivery Networks) use ECS to direct users to the nearest server, thereby improving speed. The free version servers are located in Shanghai and Hangzhou.

Impact:

• Slower Speed: Without ECS, AdGuardPrivate may not be able to direct you to the optimal CDN server, resulting in slower speeds.
• Inaccurate Geographic Location: You may be directed to a server that is farther away from you, increasing latency.

Solutions:

• Upgrade to the Paid Version: The paid version of AdGuardPrivate supports ECS functionality, which can resolve this issue and improve speed.
• Use Other DNS Servers: You can try using other DNS servers that support ECS.