
Set up a cheap cloud hosted adblocker in an hour for $2.50 a month - Racsoo
http://gomez.wtf/set-up-a-cheap-cloud-hosted-adblocker-in-an-hour-for-2-50-a-month/
======
Orangeair
Just a heads-up, you can get 1 CPU and 0.6 gigs of RAM for free with the new
entry tier of GCP:
[https://cloud.google.com/free/](https://cloud.google.com/free/)

(Disclaimer: Google employee, unrelated product area)

~~~
nkkollaw
So, one gets 1 VPS for free forever..?

~~~
indexerror
It seems like it is $300 for the next 12 months. There is no mention of always
free.

~~~
nyolfen
from the parent's link:

> Always Free Products

> Use these products for free up to the specified usage limits during and past
> the free trial. These usage limits do not expire, but are subject to change.

------
bberrry
My number one reason for rooting my phone is blocking ads on a hosts-file
level. It also stopped me from being able to play pokemon go, which I assume
is for the best.

~~~
JohnTHaller
Why not just use Firefox with uBlock? Or do you use a lot of free apps with
ads that don't offer a pay for no ads option?

~~~
aembleton
I find Chrome to be faster than Firefox with uBlock on my Android device.

~~~
ZonedOut
Get Brave browser, it's based on Chrome and looks the same but has adblocker
and some other good features.

~~~
mirsadm
Is it open source? If not, I wouldn't trust it.

~~~
syrrim
Chrome isn't open source.

~~~
ZonedOut
Sorry, I wanted to say it's based on Chromium not Chrome.

------
boyter
I did the same thing but using an old netbook I had lying around. It lives
under the house running Pi-Hole and a few other things. I wrote about it here
[http://www.boyter.org/2015/12/pi-hole-
ubuntu-14-04/](http://www.boyter.org/2015/12/pi-hole-ubuntu-14-04/)

No idea what power draw it has (probably $5 a month?) but I have a large solar
array so I doubt it costs me anything to actually run. I also get to recycle
some old hardware.

EDIT - Seems that post was linked to by the pi-hole project itself at some
point. Was wondering why it got so much traffic each month.

~~~
fny
You must be blessed enough to have a fast upload speed. I'm still trapped at
~10Mbps. Thanks, Spectrum/TWC!

~~~
boyter
Not at all. I am still unlucky enough to be on ADSL2+ with 1Mbps upload.

Possibly will be looking at 40Mbit in the future but that depends on how lucky
I get in Australia with the NBN, so not expecting much.

------
diego_moita
Another solution: install DD-WRT or Tomato in your WiFi router and disable all
ad servers on the DNS: [http://dd-
wrt.com/wiki/index.php/Ad_blocking](http://dd-
wrt.com/wiki/index.php/Ad_blocking)

Pay attention: this might interfere with some google functionality because it
will block google ad-services. You'd have 2 workarounds: switch your searches
to Duck-Duck-Go or keep google ad-services out of the disable DNS addresses.

~~~
netsharc
But it doesn't work if you're not connected to your WiFi...

------
userbinator
Note that this is just a DNS-level adblocker, which is already quite useful (I
use a HOSTS file myself) but isn't quite as powerful as an actual
MITM/filtering proxy like Proxomitron which can more precisely remove the
content you don't want without having to block entire domains. If you use DNS-
only blocking, you will often see error messages in place of banners and other
oddities, because of sites which partly host some of the ad scripts
themselves.

You do have to do more initial setup with certificates and such, but IMHO the
more fine-grained filtering is worth it. The entire category of sites which
actually detect blocking can be worked around this way, as you can filter out
that code too.

~~~
j_s
Woah, Proxomitron, that's a blast from the distant past!

Has anyone picked up development of anything similar these days?

~~~
userbinator
There's Privoxy and Proximodo, but they both lack HTTPS filtering support.
There's also
[https://github.com/amate/Proxydomo](https://github.com/amate/Proxydomo) which
appears to be based on Proximodo and seems to use wolfSSL so it may be able to
do TLS MITM, but the documentation is unfortunately all in Japanese.

...and of course at the high end there's the enterprise filtering middleboxes
which are probably too expensive and difficult to configure for personal use.

------
dvno42
This is really neat and I had thought about doing this when I acquired a new
Android device that I don't have root on. Alternatively, a program was made to
host a DNS process on the phone in userland that downloads blacklists as well
as uses external well known nameservers. Then use build in VPN client to
redirect all DNS queries through to the daemon. DNS66 has been doing a fine
job since I started using it last week. [https://github.com/julian-
klode/dns66](https://github.com/julian-klode/dns66)

~~~
Splines
I use Netguard
([https://github.com/M66B/NetGuard](https://github.com/M66B/NetGuard)) and
found it to be better polished than DNS66, check it out if you're interested,
I'm a happy user.

~~~
aorth
I also use this and prefer it to DNS66 because I can use a hosts file rather
than just changing the DNS server. Both work well though. Oh, and both are
open source!

~~~
e40
When I look at it in F-Droid I see: the upstream source code is not entirely
free. What does that mean?

------
oszione
Changing the DNS server on Android is really not ideal and in some networks
outgoing DNS requests are blocked or redirected to the local resolver.

I know it's a lot more work but setting up Shadowsocks and Unbound with
similar DNS blacklists is a much better solution. This also comes with all the
benefits of using a VPN (technically, an obfuscated socks5 proxy using the
android VPN interface). If you manage the network, pfSense and pfBlockerNG are
also great and easy to set up.

------
MaikuMori
How sad is that we need to jump trough hoops to just disable ads on our
devices.

And before ads advocate responds - ask for my money instead of polluting my
mental space.

~~~
oxide
Until ads went rogue and started serving me malware, I never had a problem
with them.

After being served up a malicious pop-up that silently installed a bitcoin
miner a few years ago, I started whitelisting javascript with a plugin,
blocking ads, etc.

I haven't had a malware problem since I started doing this. I don't think it's
a coincidence.

The most convenient solution I've found for my phone is using the Firefox app,
which has extension support.

~~~
wernercd
Obligatory Forbes push to stop ad-blockers... followed by serving malware:

[https://www.techdirt.com/articles/20160111/05574633295/forbe...](https://www.techdirt.com/articles/20160111/05574633295/forbes-
site-after-begging-you-turn-off-adblocker-serves-up-steaming-pile-malware-
ads.shtml)

------
felixfurtak
... or simply subscribe to Ad Free Time for $1.99 /pm

[https://adfreetime.com/](https://adfreetime.com/)

~~~
oriettaxx
yes, very good!

Just curious, if I use their DNS, how to they know it's me? from the hardware
address of my network card?

~~~
smallet
"You need to log in to your Self Service area whenever your IP address changes
(i.e. if you only configured your computer and you travel) so that your
current IP is validated to your account. If you don’t do this, ads will start
to reappear and region unlock will stop working!" -seems like it just
registers the IP address when logging into their portal/page.

------
amelius
Out of interest, would somebody be able to reconstruct those blurred-out IP
addresses and password by using deconvolution? [1]

[http://www.deconvolve.net/bialith/Research/BARclockblur.htm](http://www.deconvolve.net/bialith/Research/BARclockblur.htm)

~~~
jansenv
I can't help but mention that one of the methods is called a Weiner Filter.

Heh.

------
Ir3eu1yo
Adgaurd DNS is a free alternative although the web page says its in beta [1].
They also say they don't keep logs and support DNSCrypt. Convinently the
DNSCrypt project also seems to have four resolvers configured for them [2].

[1] [https://adguard.com/en/adguard-
dns/overview.html](https://adguard.com/en/adguard-dns/overview.html) [2]
[https://github.com/jedisct1/dnscrypt-
proxy/blob/master/dnscr...](https://github.com/jedisct1/dnscrypt-
proxy/blob/master/dnscrypt-resolvers.csv)

------
SnaKeZ
TL;DR: Vultr + Pi-hole

------
lend000
Pi-hole is great, but there's no reason to dedicate an entire instance to it
(assuming you have other uses for one) -- the resources used on my RPi 3 are
negligible.

~~~
georgemcbay
Using a public server instance would seem less likely a cost/resource savings
than a convenience factor if you are adblocking on mobile platforms (linked
article was mostly focused on adblocking for an Android phone, presumably one
that will be used on-the-go and not just at home).

Setting up an at-home RPi solution is probably possible for most people but a
lot more cumbersome dealing with inbound server tunneling (which may
technically be forbidden by their ISP), dynamic IP services, etc.

------
cptskippy
My biggest gripe with network level filtering is making exceptions. I am
currently running Pi.hole and making exceptions requires logging into the
server via the web UI. SSL URLs also do not work and would require some sort
of root cert.

With üblock you receive a UI notification of the block and the option to make
an exception.

------
lern_too_spel
Or you can set it up on a free instance of GCE. The author doesn't get
affiliate fees though.

~~~
bitmapbrother
It's already been mentioned that the egress limit is 1 GB.

~~~
lern_too_spel
At $0.12 per GB, he would have to do more than 20 GB of DNS queries on his
phone to reach $2.50 / month.

Also, my comment about using GCE was first, so it wasn't already mentioned.

------
homer168
I messed with this for years. This app recently solved it all for me without
root :

[https://play.google.com/store/apps/details?id=co.netpatch.fi...](https://play.google.com/store/apps/details?id=co.netpatch.firewall)

You can use the custom rules to add any of the adblocker lists such as HP
hosts, etc.

Also whitelists play nice with voip apps too.

------
sgloutnikov
Just a small fyi about the Vultr match credits: unused credits expire after 12
months. Vultr are great by the way, love them.

------
Aissen
I would very much prefer an ansible playbook so I can deploy this in a blink,
than all those countless manual procedures.

------
OxO4
It would be even better if there was a way to pay $2.50 that get distributed
among the creators of the consumed content.

~~~
Markoff
brave browser try this business model with their ad blocker, though i am also
using adaway

------
ricketycricket
I ran this same setup for a while, but became nervous about the potential for
DNS poisoning. I'm reasonably confident in my ability to lock down a public-
facing system, but you sure are putting a lot of trust in that pi-hole install
and your ability to make sure you're always using SSL on every device and
site.

------
Magnets
Seems like overkill. Why not just use openwrt and the adblock package?

Grab a tl-wr841 for <$20 on ebay - some go for $5

You could even get an orange pi or Rpi zero + ethernet to usb adapter and hang
it off your existing router for power.

------
retube
Isn't there a really simple work-around to these dns-hole adblockers? Ad links
just need to use actual IP address surely?

------
colept
Pi-hole with raspberrypi is free.

~~~
thesimon
As long as you get a free raspberrypi and free electricity.

~~~
purrcat259
Considering how little a Pi consumes, you might notice the electricity cost
after a few years.

~~~
rz2k
Probably 50¢/month total, 47.75¢ for the electricity[1], and 2-something cents
monthly opportunity cost of $30 earning interest in a money market fund.

The throughput on a Raspberry Pi isn't great though, even compared to a
typical low end VPS.

[1]
[http://m.wolframalpha.com/input/?i=5+watt+*+months+at+13+cen...](http://m.wolframalpha.com/input/?i=5+watt+*+months+at+13+cents+per+kWh&x=0&y=0)

------
xbeta
Can someone tells me the est. bandwidth traffic per month on such setup?

------
aembleton
If you want something even cheaper, check out
[https://www.time4vps.eu/pricing/#](https://www.time4vps.eu/pricing/#)!

If you purchase a 512MB RAM machine for two years it is €0.99/month!

~~~
joering2
Horrible company with absurd ID requirements. I stopped trying to be validated
user after confirming my email, confirming my text message and being close to
send them my government issued IDs for God knows who and when to hack into
them and steal it for identity fraud purposes.

Edit: oh and don't expect much customer support help for 99cents per month,
even if their customer support is located in Cambodia.

~~~
sena
Actually, both their data center and their support team are located in
Lithuania.

Time4VPS is essentially the international brand of the largest ISP in the
country.

I was sceptical at first, but I have a VPS running there for a few months,
serving 100k hits per day, with no technical problems from their side so far.

I just used their support once, but they responded in minutes.

~~~
m3Lith
The company you're talking about ("Interneto Vizija") isn't an ISP. They are,
however, the largest .lt registrar (recently passed 100k domains) and the
largest hosting provider (shared/VPS/dedi) in the country.

------
calferreira
Why would i do this if i can do it for free ? If it's a PC:

\- Change the hosts file with adblocked domains or..

\- Install an extension on the browser;

On the phone we have firefox with adblock extensions as well.

So, why would i pay for adblocking ?

~~~
PetahNZ
Did you even read the first sentence of the article?

"I recently got fed up enough with ads while regularly using my mobile Android
Marshmallow phone"

~~~
calferreira
And i said: "On the phone we have firefox with adblock extensions as well."

------
Oxitendwe
What kind of insane world do we live in where we can't block ads on our own
devices?

------
draw_down
Hmm, that sounds like it could be useful for other things, but for ad
blocking, running a blocker on the device seems to work fine...

------
chrisabrams
Title should be amended to clarify "if you use android"

~~~
bitmapbrother
Because iOS apps don't have ads, right?

~~~
inferiorhuman
Apple allows ad blocking software in the app store.

~~~
bitmapbrother
So does Google. In fact nearly every browser in the Play Store blocks ads.

~~~
msh
but not chrome, which is the major browser on android...

