{"id":20236577,"url":"https://github.com/celenityy/ublock-origin-settings","last_synced_at":"2026-03-07T11:02:17.243Z","repository":{"id":244891731,"uuid":"816479519","full_name":"celenityy/ublock-origin-settings","owner":"celenityy","description":"My recommendations for the ultimate configuration of uBlock Origin :)","archived":false,"fork":false,"pushed_at":"2025-04-12T08:20:35.000Z","size":76,"stargazers_count":54,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-12T09:27:23.423Z","etag":null,"topics":["adblock","adblock-list","ads","annoyances","anti-fingerprinting","filterlists","metrics","privacy","privacy-protection","security","telemetry","tracking","ublock","ublock-filters","ublock-filters-rules","ublock-list","ublock-lists","ublock-origin","ublock-origin-filters"],"latest_commit_sha":null,"homepage":"https://codeberg.org/celenity/ublock-origin-settings","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/celenityy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"custom":["https://celenity.dev/donate"]}},"created_at":"2024-06-17T20:57:57.000Z","updated_at":"2025-04-12T08:20:38.000Z","dependencies_parsed_at":"2024-06-18T05:10:19.015Z","dependency_job_id":"de58fc6f-1e03-46a1-97e6-cffe7fb804c8","html_url":"https://github.com/celenityy/ublock-origin-settings","commit_stats":null,"previous_names":["retold3202/ublock-origin-settings","celenityy/ublock-origin-settings"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/celenityy/ublock-origin-settings","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/celenityy%2Fublock-origin-settings","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/celenityy%2Fublock-origin-settings/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/celenityy%2Fublock-origin-settings/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/celenityy%2Fublock-origin-settings/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/celenityy","download_url":"https://codeload.github.com/celenityy/ublock-origin-settings/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/celenityy%2Fublock-origin-settings/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30212103,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-07T09:02:10.694Z","status":"ssl_error","status_checked_at":"2026-03-07T09:02:08.429Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["adblock","adblock-list","ads","annoyances","anti-fingerprinting","filterlists","metrics","privacy","privacy-protection","security","telemetry","tracking","ublock","ublock-filters","ublock-filters-rules","ublock-list","ublock-lists","ublock-origin","ublock-origin-filters"],"created_at":"2024-11-14T08:21:54.372Z","updated_at":"2026-03-07T11:02:17.238Z","avatar_url":"https://github.com/celenityy.png","language":null,"funding_links":["https://celenity.dev/donate"],"categories":[],"sub_categories":[],"readme":"# ublock-origin-settings\n\nMy recommendations for the ultimate configuration of uBlock Origin :)\n\n**NOTE:** This project can be found on both [Codeberg](https://codeberg.org/celenity/ublock-origin-settings), which will act as the main \u0026 preferred way to contribute, and [GitHub](https://github.com/celenityy/ublock-origin-settings).\n\n# Settings\n\nPrivacy:\n\n* **Disable pre-fetching (to prevent any connection for blocked network requests)** -\u003e ✅\n\n* **Disable hyperlink auditing** -\u003e ✅\n\n* **Block CSP reports** -\u003e ✅\n\n* **Uncloak canonical names** -\u003e ✅\n\n\u003cbr\u003e\n\nDefault behavior:\n\n* **Disable JavaScript** -\u003e ✅ *(This **will** cause breakage, but it heavily improves privacy \u0026 security, so I'd recommend enabling it if possible and if you're willing to re-enable JavaScript for websites that need it)*\n\n\u003cbr\u003e\n\nAdvanced:\n\n* **I am an advanced user** -\u003e ✅\n\n## Advanced settings\n\nSelect the cog to the right of **I am an advanced user**, and consider configuring the following settings:\n\n**autoCommentFilterTemplate** -\u003e `{{url}}`\n\n**autoUpdateDelayAfterLaunch** -\u003e `10`\n\n**disableWebAssembly** -\u003e `true`\n\n**filterAuthorMode** -\u003e `true`\n\n**trustedListPrefixes** -\u003e `-`\n\n**updateAssetBypassBrowserCache** -\u003e `true`\n\n\u003cbr\u003e\n\n# Filter lists\n\n**Auto-update filter lists** -\u003e ✅\n\n**Suspend network activity until all filter lists are loaded** -\u003e ✅\n\n**Parse and enforce cosmetic filters** -\u003e ✅\n\n**Ignore generic cosmetic filters** -\u003e ❌\n\n# Lists\n\nI would generally recommend configuring your filterlists as follows. This configuration matches [what my 'Phoenix' project uses](https://phoenix.celenity.dev/content-blocking), has been thoroughly tested and carefully considered to provide a balance between privacy, security, usability, and performance.\n\n## Built-in Lists\n\nWe'll first go over lists built-in to a stock installation of uBlock Origin.\n\nI would generally recommend configuring the built-in lists as follows:\n\n\u003e [!TIP]\n\u003e Lists with a ✅ should be enabled, while lists with a ❌ are unnecessary and should typically be disabled.\n\n### Built-in\n\n* **`uBlock filters - Ads`** -\u003e ✅ *(Default)*\n* **`uBlock filters - Badware risks`** -\u003e ✅ *(Default)*\n* **`uBlock filters - Privacy`** -\u003e ✅ *(Default)*\n* **`uBlock filters - Quick fixes`** -\u003e ✅ *(Default)*\n* **`uBlock filters - Unbreak`** -\u003e ✅ *(Default)*\n\n### Ads\n\n* **`EasyList`** -\u003e ✅ *(Default)*\n* **`AdGuard - Ads`** -\u003e ❌\n* **`AdGuard - Mobile Ads`** -\u003e ✅\n\n### Privacy\n\n* **`EasyPrivacy`** -\u003e ✅ *(Default)*\n* **`AdGuard Tracking Protection`** -\u003e ❌\n* **`AdGuard URL Tracking Protection`** -\u003e ✅\n* **`Block Outsider Intrusion into LAN`** -\u003e ✅\n\n### Malware protection, security\n\n* **`Online Malicious URL Blocklist`** -\u003e ✅ *(Default)*\n* **`Phishing URL Blocklist`** -\u003e ❌\n\n### Multipurpose\n\n* **`Peter Lowe’s Ad and tracking server list`** -\u003e ✅ *(Default)*\n* **`Dan Pollock’s hosts file`** -\u003e ✅\n\n### Cookie notices\n\n* **`EasyList - Cookie Notices`** -\u003e ✅\n* **`AdGuard - Cookie Notices`** -\u003e ❌\n* **`uBlock filters - Cookie Notices`** -\u003e ❌\n\n### Social widgets\n\n* **`EasyList - Social Widgets`** -\u003e ✅\n* **`AdGuard - Social Widgets`** -\u003e ❌\n* **`Fanboy - Anti-Facebook`** -\u003e ❌\n\n### Annoyances\n\n* **`EasyList - Chat Widgets`** -\u003e ✅\n* **`EasyList - Newsletter Notices`** -\u003e ✅\n* **`EasyList - Notifications`** -\u003e ✅\n* **`EasyList - Other Annoyances`** -\u003e ✅\n* **`AdGuard - Mobile App Banners`** -\u003e ❌\n* **`AdGuard - Other Annoyances`** -\u003e ❌\n* **`AdGuard - Popup Overlays`** -\u003e ❌\n* **`AdGuard - Widgets`** -\u003e ❌\n* **`uBlock filters - Annoyances`** -\u003e ✅\n\n## External Lists\n\nWe can now go over what lists you should **manually import** to uBlock Origin.\n\nI would generally recommend importing \u0026 enabling the following:\n\n### Privacy\n\n* ⭐️ **➗ Actually Legitimate URL Shortener Tool**\n\n    ```sh\n    https://gitlab.com/DandelionSprout/adfilt/-/raw/master/LegitimateURLShortener.txt\n    ```\n\n* ⭐️ **🔍 yokoffing's Block third party fonts**\n\n    ```sh\n    https://raw.githubusercontent.com/yokoffing/filterlists/main/block_third_party_fonts.txt\n    ```\n\n* ⭐️ **⛔ yokoffing's click2load filters**\n\n    ```sh\n    https://raw.githubusercontent.com/yokoffing/filterlists/main/click2load.txt\n    ```\n\n### Malware protection, security\n\n* ⭐️ **⚠️ BadBlock - Unsafe**\n\n    ```sh\n    https://badblock.celenity.dev/abp/unsafe.txt\n    ```\n\n* ⭐️ **💊 Dandelion Sprout's Anti-Malware List**\n\n    ```sh\n    https://gitlab.com/DandelionSprout/adfilt/-/raw/master/Dandelion%20Sprout's%20Anti-Malware%20List.txt\n    ```\n\n* ⭐️ **🔏 HaGeZi - Dynamic DNS**\n\n    ```sh\n    https://gitlab.com/hagezi/mirror/-/raw/main/dns-blocklists/adblock/dyndns.txt\n    ```\n\n* ⭐️ **🔐 HaGeZi - Threat Intelligence Feeds - Mini**\n\n    ```sh\n    https://gitlab.com/hagezi/mirror/-/raw/main/dns-blocklists/adblock/tif.mini.txt\n    ```\n\n* ⭐️ **FMHY Unsafe sites filterlist**\n\n    ```sh\n    https://raw.githubusercontent.com/fmhy/FMHYFilterlist/main/filterlist-basic.txt\n    ```\n\n### Multipurpose\n\n* ⭐️ **📕 HaGeZi - Multi ULTIMATE mini**\n\n    ```sh\n    https://gitlab.com/hagezi/mirror/-/raw/main/dns-blocklists/adblock/ultimate.mini.txt\n    ```\n\n\u003cbr\u003e\n\n**Additionally**, if you're fine with occasional breakage at the cost of enhanced privacy \u0026 security, you could also consider using:\n\n* ⭐️ My **⚡️ BadBlock Lite**, **🔇 BadBlock**, OR **🔥 BadBlock+**\n\n    * Do **not** use all 3 together, pick **one** that works best for you! **🔇 BadBlock** is recommended for most users.\n\n        * **⚡️ BadBlock Lite**\n            ```sh\n            https://badblock.celenity.dev/abp/badblock_lite.txt\n            ```\n        * **🔇 BadBlock**\n            ```sh\n            https://badblock.celenity.dev/abp/badblock.txt\n            ```\n        * **🔥 BadBlock+**\n            ```sh\n            https://badblock.celenity.dev/abp/badblock_plus.txt\n            ```\n\nFurthermore, **if you don't have a DNS content blocking solution in place *(you should)***, or you just can't use the relevant list on your DNS blocker, you could also use the following:\n\n* ⭐️ **HaGeZi's Most Abused TLDs**\n    ```sh\n    https://gitlab.com/hagezi/mirror/-/raw/main/dns-blocklists/adblock/spam-tlds-ublock.txt\n    ```\n\n* ⭐️ **OISD - Big**\n    ```sh\n    https://big.oisd.nl\n    ```\n\nOnce you're finished choosing your lists, don't forget to select **Apply changes** \u0026 **Update now**.\n\n# My filters\n\nThis is where it can really depend on you and your set-up. I'll provide my recommendations and filters here I myself use below:\n\nFirst, I would highly recommend setting the following to protect against [IDN Homograph attacks](https://wikipedia.org/wiki/IDN_homograph_attack) \n\n*You don't need to set this if you use BadBlock **Unsafe** above or if your DNS provider already provides IDN Homograph Attacks Protection (i.e. NextDNS)*:\n\n```sh\nxn--*\nxn--*$doc,popup,frame\n```\n\nI usually set the following to always enforce blocking Google's Doubleclick \u0026 Google Analytics: *[Why?](https://github.com/gorhill/uBlock/wiki/Privacy-stuff)*\n\n```sh\n||doubleclick.net^$important\n||google-analytics.com^$important\n```\n\nAdditionally, I set the following to block social media tracking on websites:\n\n```sh\n||facebook.com^$important,third-party\n||facebook.net^$important,third-party\n||linkedin.com^$important,third-party\n||instagram.com^$important,third-party\n||tiktok.com^$important,third-party\n||twitter.com^$third-party\n||x.com^$third-party\n```\n\n*See `My rules` section below for unbreaking X/Twitter...*\n\nI also set this to block [tracking from Gravatar](https://github.com/gorhill/uBlock/wiki/Privacy-stuff):\n\n```sh\n||gravatar.com^$important,third-party\n```\n\nI also set these rules to block 3rd party sign-in prompts from Google \u0026 Apple, as they're 1: annoying and 2: a tracking concern:\n\n```sh\n||accounts.google.com^$third-party\n||appleid.apple.com^$third-party\n||appleid.cdn-apple.com^$third-party\n@@||accounts.google.com^$domain=youtube.com|chromium.org|gstatic.com|googleusercontent.com\n@@||appleid.apple.com^$domain=appleid.cdn-apple.com\n@@||appleid.cdn-apple.com^$domain=appleid.apple.com\n```\n\nSince I block all 3rd-party requests *(will be explained further in `My rules` section below)*, I set the following rules to still allow CAPTCHAs for sites: *(Also see `My rules`)*\n\n```sh\n||challenges.cloudflare.com^$third-party\n@@||challenges.cloudflare.com/cdn-cgi/challenge-platform/$third-party,script,frame\n||www.google.com^$third-party,subdocument\n@@||www.google.com/recaptcha/$third-party,subdocument\n||www.gstatic.com^$third-party,script\n@@||www.gstatic.com/recaptcha/$third-party,script\n```\n\nFinally, I usually set the following to block the annoying banner on Old Reddit promoting Reddit's new UI.\n\n```sh\nwww.reddit.com###redesign-beta-optin-btn\nold.reddit.com###redesign-beta-optin-btn\n```\n\nOnce you are done here, make sure to select **Apply changes**.\n\n# My rules\n\nFirst, I typically set the following to block all 3rd party requests:\n\n**I would not recommend this for most people, as you will basically have to unbreak pages yourself, but it provides the most private, secure, and fastest configuration possible.**\n\n```sh\n* * 3p block\n* * 3p-frame block\n* * 3p-script block\n```\n\nIf you don't want as much breakage, you could potentially only set:\n\n```sh\n* * 3p-frame block\n```\n\nThis only blocks 3rd party frames, while keeping other resources untouched. I would recommend this if you have the tolerance to allow 3rd party frames for pages that need them, but still want a nice boost in privacy, security, \u0026 performance.\n\nI then set the following to allow CAPTCHAs for sites:\n\n```sh\n* challenges.cloudflare.com * noop\n* www.google.com * noop\n* www.gstatic.com * noop\n```\n\nI also set the following to unbreak X/Twitter based off the filters we set above:\n\n```sh\nx.com twitter.com * noop\n\ntwitter.com x.com * noop\n```\n\n⭐️ If you block 3rd party connections like me, then I would recommend also using the [LocalCDN](https://www.localcdn.org/) extension with the following settings, as this will reduce breakage:\n\n# LocalCDN -\u003e Basic\n\n**Hide donation button** -\u003e ✅\n\n# LocalCDN -\u003e Advanced\n\n**Block Google Fonts** -\u003e ❌ *This is already covered by Yokoffing's `Block third party fonts` list that we added, leaving Google Fonts blocked here as well will just cause issues \u0026 breakage*\n\n\u003cbr\u003e\n\nNow, back to uBlock Origin, you should add the following rules in uBlock Origin for LocalCDN to be active:\n\n```sh\n* ajax.googleapis.com * noop\n* ajax.aspnetcdn.com * noop\n* ajax.microsoft.com * noop\n* cdnjs.cloudflare.com * noop\n* code.jquery.com * noop\n* cdn.jsdelivr.net * noop\n* fonts.googleapis.com * noop\n* yastatic.net * noop\n* yandex.st * noop\n* apps.bdimg.com * noop\n* libs.baidu.com * noop\n* cdn.staticfile.org * noop\n* cdn.bootcss.com * noop\n* mat1.gtimg.com * noop\n* lib.sinaapp.com * noop\n* upcdn.b0.upaiyun.com * noop\n* stackpath.bootstrapcdn.com * noop\n* maxcdn.bootstrapcdn.com * noop\n* netdna.bootstrapcdn.com * noop\n* use.fontawesome.com * noop\n* ajax.cloudflare.com * noop\n* akamai-webcdn.kgstatic.net * noop\n* gitcdn.github.io * noop\n* vjs.zencdn.net * noop\n* cdn.plyr.io * noop\n* cdn.materialdesignicons.com * noop\n* cdn.ravenjs.com * noop\n* js.appboycdn.com * noop\n* cdn.embed.ly * noop\n* cdn.datatables.net * noop\n* mathjax.rstudio.com * noop\n* cdn.mathjax.org * noop\n* code.createjs.com * noop\n* sdn.geekzu.org * noop\n* ajax.proxy.ustclug.org * noop\n* unpkg.com * noop\n* pagecdn.io * noop\n* cdnjs.loli.net * noop\n* ajax.loli.net * noop\n* fonts.loli.net * noop\n* lib.baomitu.com * noop\n* cdn.bootcdn.net * noop\n* fonts.gstatic.com * noop\n* ajax.loli.net.cdn.cloudflare.net * noop\n* akamai-webcdn.kgstatic.net.edgesuite.net * noop\n* apps.bdimg.jomodns.com * noop\n* cdn.bootcdn.net.maoyundns.com * noop\n* cdn.bootcss.com.maoyundns.com * noop\n* cdn.embed.ly.cdn.cloudflare.net * noop\n* cdn.jsdelivr.net.cdn.cloudflare.net * noop\n* cdnjs.loli.net.cdn.cloudflare.net * noop\n* cds.s5x3j6q5.hwcdn.net * noop\n* developer.n.shifen.com * noop\n* dualstack.osff.map.fastly.net * noop\n* fonts.loli.net.cdn.cloudflare.net * noop\n* gateway.cname.ustclug.org * noop\n* iduwdjf.qiniudns.com * noop\n* lb.sae.sina.com.cn * noop\n* lib.baomitu.com.qh-cdn.com * noop\n* mat1.gtimg.com.tegsea.tc.qq.com * noop\n* materialdesignicons.b-cdn.net * noop\n* mscomajax.vo.msecnd.net * noop\n* sdn.inbond.gslb.geekzu.org * noop\n* use.fontawesome.com.cdn.cloudflare.net * noop\n* vo.aicdn.com * noop\n```\n\nOnce you're done configuring your rules here, select **Save** \u0026 **Commit**.\n\n# Additional recommendations\n\n* Use [Firefox](https://www.mozilla.org/firefox/) with my [Phoenix](https://phoenix.celenity.dev), as Firefox respects your privacy and [has the best support for uBlock Origin](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). **You do not need to configure uBlock Origin with this guide if you use Phoenix, as it is already pre-configured out of the box.**\n\n* Enable Safe Browsing in your browser if possible and if it's not done in a privacy-invasive way. (You should use i.e. [Google Safe Browsing on \"Standard\" Mode](https://safebrowsing.google.com/), [Firefox's Safe Browsing](https://support.mozilla.org/kb/how-does-phishing-and-malware-protection-work), \u0026 [Brave's Safe Browsing](https://brave.com/privacy/browser/#safe-browsing), you should avoid most other options i.e. [Google Safe Browsing on \"Enhanced\" Mode](https://safebrowsing.google.com/), [Microsoft SmartScreen](https://learn.microsoft.com/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/), \u0026 [Opera Sitecheck](https://blogs.opera.com/security/2021/01/making-browsing-safe-from-phishing/)).\n\n* Use a private, secure, \u0026 reputable DNS provider of your choice. I would recommend setting up your own [NextDNS](https://nextdns.io) configuration if you are able to *(See my recommendations for NextDNS [here](https://codeberg.org/celenity/nextdns-settings))*, otherwise I would recommend [Quad9](https://quad9.net/). If you're using a Chromium browser, make sure to configure your DNS provider on **both** your OS and in your browser. This will allow you to take advantage of [Encrypted Client Hello](https://blog.cloudflare.com/announcing-encrypted-client-hello). This is unnecessary on Firefox-based browsers, however it could still be useful to set in both places if for instance you want to set a separate client name for your browser than the rest of your OS, to better determine what queries are coming from where.\n\n* Use a (reputable) anti-virus if possible. On Windows, you can use the built-in [Microsoft Defender Antivirus](https://wikipedia.org/wiki/Microsoft_Defender_Antivirus), on macOS, you can stick to the built-in [XProtect](https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web) and on Linux, you can use [ClamAV](https://www.clamav.net/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcelenityy%2Fublock-origin-settings","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcelenityy%2Fublock-origin-settings","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcelenityy%2Fublock-origin-settings/lists"}