Posted on

…and unwanted means Ads, trackers, adult content and safe search. And all this without installing anything on the PC’s or phones. Read on to find out.

No software or ad blocker is ever created perfect in that it can block all malicious and harmful content on the internet. Having said that, there are decent enough options which come very close.

  • Microsoft Family Safety
  • Browser Extensions
  • Use custom DNS servers for filtering
  • Setup own DNS server to filter content

Lets look at these one by one.

Option 1: Microsoft Family Safety

Use Microsoft Family Safety and configure browser settings to enable safe browsing and block unwanted or allow only specific websites. This is the best free service available for Windows 10 or 11 computers (also on Android phones with Family Safety app and Edge browser installed). Refer to my earlier articles on how to configure and use this service here and here.

Option 2: Browser Extensions

Add extensions in your PC or Mac browser to block most Ads and trackers.

I have used uBlock Origin extension from Chrome web store for many years now. This has been the best performing, lightweight extension for content filtering. You can install it on Microsoft Edge and Chrome from this link. Also available on Firefox.

No configuration is needed and once added to the browser, its ready to go. But if you regularly use Incognito or Guest mode in either browsers then you need to explicitly allow it to work in that mode. This can be done in browser extension settings.

On mobiles, Firefox browser allows ad block extensions to be installed. Edge, Opera, Brave and Safari have an inbuilt one to block ads, but Chrome has none.

Option 3: Use different DNS servers

Change your PC, mobile phone or Wifi router’s local network DNS entry. This is a fairly simple process and does not require any installation and can also be easily revertible. But what exactly is DNS.

What is DNS?

Domain Name System or DNS for short is like an address keeper or phonebook of the internet. We access or browse websites by their names for e.g., microsoft.com or yahoo.com but the browsers send that name to a DNS service and receive an IP address in return. This IP address is then used to load that website.

This name to IP translation is made by the DNS resolver. A DNS server or resolver either stores the information which translates a URL into an IP address or gets it from the root DNS servers on the internet, acting as a phonebook. Read more about how DNS works here.

Now if the phonebook blocks the entries for websites tagged as harmful content, then the IP address for that website or service is not returned to the browser. There are many such phonebooks or DNS servers available with both free and paid levels.

One such free service is AdGuard DNS. Go to Connect to public AdGuard DNS server (adguard-dns.com) and check out Method #2 Plain DNS as shown in screenshot below.

DNS settings for AdGuard

Another free service is CleanBrowsing. It also provides similar free DNS servers for content filtering. Go to Filters – DNS Content Filtering (cleanbrowsing.org) and scroll down to see the IP addresses to use as DNS.

DNS settings for CleanBrowsing

Now, in some cases this might slow down your browsing by a few seconds or a bit more depending on your location. Most of the these free services are based in the US and the time it takes to resolve the URL query will determine how fast your websites are loading.

Using a DNS Benchmark app (GRC’s | DNS Nameserver Performance Benchmark) I ran a test for both services from my location in India.

DNS performance benchmark

The numbers in the table are seconds it took to resolve queries and this test shows CleanBrowsing will perform slightly faster for me among the two (cached name avg: 0.117 faster than 0.179 seconds)

You can also configure just the browsers to use these DNS services. On Microsoft Edge, the option is available under Settings -> Privacy, search and services and the under the heading Security. Or browse directly to edge://settings/privacy

Select the option Choose a service provider and then click in the box to select or type a custom.

Microsoft Edge settings for DNS provider

A similar option is available on Chrome too.

Option 4: Setup own DNS

Set up your own DNS server which can block content based on your configuration. This can take some time to setup but still not very difficult. Most basic requirement here is to setup a machine which can be always on to be able to provide DNS services on your home network.

This option will work the best if most of the time you are working from home and have many different devices connected to internet.

Pi-hole is a lightweight DNS/Web server and uses lists (pre-defined and user added) to block content. It can act as a recursive DNS server for all your devices on a home network.

The DNS server IP address will be of the machine running Pi-hole on your home network and can be used on other devices as DNS as in Option 3 or on your Wifi router for all the devices.

Go to Pi-hole – Network-wide protection for instructions on how to set it up. I have it running on a Raspberry Pi 3, connected to USB power on my home router to keep it always on. A newer RPi4 model is available for about US$35+ (Buy a Raspberry Pi 4 Model B – Raspberry Pi), which is more then capable to run this.

For reference, the Pi-hole server on my home network blocked about 15% queries in the last 24 hours including ads and trackers.

Pi-hole web dashboard

Hopefully one of these options can help you browse safely and provide a clean experience to your kids. Thanks for reading.

Leave a Reply

Your email address will not be published. Required fields are marked *