{"id":25741002,"url":"https://github.com/juanico10/securedns","last_synced_at":"2025-05-08T22:29:25.666Z","repository":{"id":39514596,"uuid":"444914872","full_name":"juanico10/SecureDNS","owner":"juanico10","description":"The project SecureDNS is a project in which we block and protect the entire network through its own hardware.","archived":false,"fork":false,"pushed_at":"2025-04-20T14:11:43.000Z","size":55237,"stargazers_count":34,"open_issues_count":1,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-20T15:25:22.582Z","etag":null,"topics":["adblock","adguard","adguardhome","blocklist","dns","docker","docker-compose","malware","pihole","pihole-blocklists","safelist","whitelist"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/juanico10.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"docs/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"docs/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-01-05T18:46:11.000Z","updated_at":"2025-04-20T14:11:46.000Z","dependencies_parsed_at":"2023-11-16T23:53:21.335Z","dependency_job_id":"79ea074d-752e-44fb-9304-2a2d76696f37","html_url":"https://github.com/juanico10/SecureDNS","commit_stats":{"total_commits":706,"total_committers":4,"mean_commits":176.5,"dds":0.09915014164305946,"last_synced_commit":"5fea94fc3b9b042dcde3b822d6bb93a1cf2f15fd"},"previous_names":["juanico10/pihole_list","juanico10/sacuredns"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/juanico10%2FSecureDNS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/juanico10%2FSecureDNS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/juanico10%2FSecureDNS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/juanico10%2FSecureDNS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/juanico10","download_url":"https://codeload.github.com/juanico10/SecureDNS/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253157300,"owners_count":21863088,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["adblock","adguard","adguardhome","blocklist","dns","docker","docker-compose","malware","pihole","pihole-blocklists","safelist","whitelist"],"created_at":"2025-02-26T09:19:13.543Z","updated_at":"2025-05-08T22:29:25.546Z","avatar_url":"https://github.com/juanico10.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e The project that protects your devices \u003c/h1\u003e\n\nThe \u003cstrong\u003eSecureDNS\u003c/strong\u003e project is an initiative that aims to lock down and secure the entire network through its own hardware. In this repository, it is installed via Docker®. Pi-hole® and Adguard Home® are DNS sinkholes that protect your devices from unwanted content without the need to install any software on client devices.\n\n\u003cdiv align=\"center\"\u003e\n    \u003ca href=\"https://github.com/juanico10/Pihole_list\"\u003e\n        \u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/pihole.png\" alt=\"Pi-hole\" width=\"280\"\u003e\n        \u003cimg src=\"https://cdn.adtidy.org/website/github.com/AdguardFilters/viking.svg\" alt=\"AdGuard Home\" width=\"420\"\u003e\n    \u003c/a\u003e\n    \u003cbr\u003e\n    \u003ch3\u003eNetwork-wide ad blocking via its own hardware.\u003c/h3\u003e\n\u003c/div\u003e\n\n\u0026nbsp;\n\n![GitHub last commit (by committer)](https://img.shields.io/github/last-commit/juanico10/SecureDNS?style=flat\u0026logo=Github\u0026logoColor=white\u0026label=last-commit\u0026labelColor=253B80\u0026color=253B80)\n\u003ca href=\"https://github.com/juanico10/SecureDNS/commits/master\" \u003e\n    \u003cimg src=\"https://img.shields.io/github/commit-activity/m/juanico10/SecureDNS?style=flat\u0026logo=Github\u0026logoColor=white\u0026label=Commit%20Activity\u0026labelColor=253B80\u0026color=253B80\" alt=\"commit activity\" \u003e\n  \u003ca/\u003e\n\n## Links to installation or developer\n| PROJECT | INSTALLER LINK | DEVELOPER LINK |\n| :-- | :--: | :--: |\n| \u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/AdGuard_Logo.png\" alt=\"AdGuard Home\" width=\"26\"/\u003e Adguard Home® | [INSTALLATION](https://github.com/juanico10/AdGuardHome) | [DEVELOPER](https://adguard.com/es/adguard-home/overview.html) |\n| \u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/pihole.png\" alt=\"Pi-Hole\" width=\"30\"/\u003e Pi-hole® | [INSTALLATION](https://github.com/juanico10/Pihole) | [DEVELOPER](https://pi-hole.net/) |\n### Version docker latest Pi-hole®\n![Docker Image Version (tag latest)](https://img.shields.io/docker/v/pihole/pihole/latest?style=flat\u0026logo=docker\u0026logoColor=white\u0026labelColor=0088cc\u0026color=0088cc)\n\n### Version docker latest Adguard Home®\n![Docker Image Version (tag latest)](https://img.shields.io/docker/v/adguard/adguardhome/latest?style=flat\u0026logo=docker\u0026logoColor=white\u0026labelColor=0088cc\u0026color=0088cc)\n\n\u003e :warning: *This README has been translated into Spanish \u003cimg src=\"https://hatscripts.github.io/circle-flags/flags/es.svg\" width=\"20\"\u003e. \\\n\u003e  Este README ha sido traducido a español \u003cimg src=\"https://hatscripts.github.io/circle-flags/flags/es.svg\" width=\"20\"\u003e.* :arrow_right: [**here**](./docs/README-ES.md).\n\n## Details\nThese lists were created because I wanted something with a bit more control over what gets blocked. A lot of lists are all-or-nothing. We set out to create lists with more control over what gets blocked, which is why I recommend my lists to you, as they are tested and we block only what is unnecessary.\n\n### Versions:\n\n\u003cdetails\u003e\n\u003csummary\u003eOriginal version:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;All urls in this version **are** preceded by an IP address in the txt or host file:\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e0.0.0.0 example.com\u003c/code\u003e – It will forward the domain example.com to the address 0.0.0.0 (but not for its subdomains).\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e127.0.0.1 example.com\u003c/code\u003e – will return the address 127.0.0.1 for the domain example.com (but not for its subdomains).\u003c/p\u003e\n\n\u003c/details\u003e\n\u0026nbsp;\n\u003cdetails\u003e\n\u003csummary\u003eVersion without IP on the left:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;All urls in this version **no** are preceded by an IP address in the txt or host file:\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003eexample.com\u003c/code\u003e\u003c/p\u003e\n\n\u003csup\u003eOur users have reported to us that some devices give an error if the url is preceded by an IP address.\u003c/sup\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\u003cdetails\u003e\n\u003csummary\u003eAdguard version:\u003c/summary\u003e\n\n\u003cp\u003e\u0026nbsp;All urls from this version of the **AdGuard** list appear in the hosts file as follows:\u003c/p\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e||example.org^\u003c/code\u003e – blocks access to the domain \u003ccode\u003eexample.org\u003c/code\u003e and all its subdomains\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e@@||example.org^\u003c/code\u003e – unlocks access to the \u003ccode\u003eexample.org\u003c/code\u003e domain and all its subdomains.\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e/REGEX/\u003c/code\u003e – blocks access to domains matching the specified regular expression. For example, the rule \u003ccode\u003e/example.*/\u003c/code\u003e will block hosts matching the \u003ccode\u003eexample.*\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e$\u003c/code\u003e – This is the delimiter, which indicates that the rest of the rule is a modifier. Modifiers must be placed at the end of the rule after the character and separated by commas. For example, the modifiers must be placed at the end of the rule after the character and separated by commas. \u003ccode\u003e||example.org^$important\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e$important\u003c/code\u003e – The modifier applied to a rule increases its priority over any other rule without the modifier. Even above the basic exception rules.\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e*\u003c/code\u003e – the wildcard character. It is used to represent any set of characters. It can also be an empty string or a string of any length.\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e^\u003c/code\u003e – the separator character. Unlike browser ad blocking, there is nothing to separate in a hostname, so the only purpose of this character is to mark the end of the hostname.\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e|\u003c/code\u003e – a pointer to the beginning or end of the host name. The value depends on the location of the character in the mask. For example, the rule \u003ccode\u003eample.org|\u003c/code\u003e corresponds to \u003ccode\u003eexample.org\u003c/code\u003e, but not to \u003ccode\u003eexample.org.com\u003c/code\u003e. \u003ccode\u003e|example\u003c/code\u003e corresponds to \u003ccode\u003eexample.org\u003c/code\u003e but not to \u003ccode\u003etest.example.org\u003c/code\u003e\u003c/p\u003e\n\n\u003csup\u003eThe instructions are current as of [AdGuard Home](https://github.com/AdguardTeam/AdGuardHome/wiki/Hosts-Blocklists#special-characters) v0.107.2. AdGuard supports older versions.\u003c/sup\u003e\n\u003csup\u003eThe instructions it supports [AdGuard Home](https://kb.adguard.com/en/general/how-to-create-your-own-ad-filters).\u003c/sup\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\u003cdetails\u003e\n\u003csummary\u003eComments on the lists:\u003c/summary\u003e\n\n\u003cp\u003e\u0026nbsp;All urls for this version of the list appear in the hosts file in the following way\u003c/p\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e# comment\u003c/code\u003e – just a comment\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003e! comment\u003c/code\u003e – just a comment\u003c/p\u003e\n\n\u003c/details\u003e\n\u0026nbsp;\n\n### Use:\n\u003cdetails\u003e\n    \u003csummary\u003eUse with Pi-Hole \u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/pihole.png\" alt=\"Pi-Hole\" width=\"30\"/\u003e:\u003c/summary\u003e\n\n## Instructions for use with Pi-Hole:\n\n1. Copy the link to the Pi-hole format of the desired list (from the corresponding table below).\n2. Add the URL to your Pi-hole block lists (**Login** \u003e **Groups management** \u003e **Lists** \u003e **Paste the URL of the list in the \"Address\" field, add a comment** \u003e **Click \"Add \"**).\n3. Update Gravity (**Tools** \u003e **Update Gravity** \u003e **Click on \"Update \"** )\n\n\u0026nbsp;\n\u003csup\u003eCurrent instructions as of Pi-hole 5.2.4. Instructions may be slightly different at present. Instructions will be updated when version 6 is released.\u003c/sup\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\u003cdetails\u003e\n    \u003csummary\u003eUse with AdGuard Home \u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/AdGuard_Logo.png\" alt=\"AdGuard Home\" width=\"22\"/\u003e:\u003c/summary\u003e\n\n## Instructions for use with AdGuard Home:\n\n1. copy the link to the AdGuard format corresponding to the desired list (from the corresponding table below).\n2. Add the URL to your AdGuard block list (**Login** \u003e **Filters** \u003e **DNS block lists** \u003e **Add block list** \u003e **Add a custom list** \u003e **Enter name** \u003e **Paste the URL of the copied link**).\n3. The list is automatically activated and is ready to start blocking.\n\n\u0026nbsp;\n\u003csup\u003eInstructions are current as of AdGuard Home v0.107.54\u003c/sup\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n# Adguard Home®  \u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/adguard_home_lightmode.svg\" alt=\"AdGuard Home\" width=\"100\"/\u003e\n\n## General configuration\n- One of the recommendations, in AdGuard settings, General configuration, Filter update interval in 1 hour. It will update the rules every hour.\n\n### Change password in Adguard\nIn order to change the password in Adguard we can access these websites and create a username and password:\n\n- [![web2generators](https://img.shields.io/badge/-web2generators-c4302b?style=flat\u0026labelColor=c4302b)](https://www.web2generators.com/apache-tools/htpasswd-generator)\n- [![ipvoid](https://img.shields.io/badge/-ipvoid-c4302b?style=flat\u0026labelColor=c4302b)](https://www.ipvoid.com/htpasswd-generator/)\n- [![wtools](https://img.shields.io/badge/-wtools-c4302b?style=flat\u0026labelColor=c4302b)](https://wtools.io/generate-htpasswd-online)\n\n\u003cp\u003eWe create the user and password. Once created, it has this format:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003euser:$apr1$x4gcjzrl$qSvcJK46C2rQUGRl4z1kl0\u003c/code\u003e\u003c/p\u003e\n\n\u003cp\u003eOnce the user and password have been created, we proceed to access the adguard configuration file, \u003ccode\u003eAdGuardHome.yaml\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eWe look for the following line in the configuration file and replace the created data.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFor the \u003ccode\u003euser\u003c/code\u003e: user\u003c/li\u003e\n\u003cli\u003eFor the \u003ccode\u003epassword\u003c/code\u003e: $qSvcJK46C2rQUGRl4z1kl0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode class=\"lang-yaml\"\u003eusers:\n  - name: \u003cspan class=\"hljs-literal\"\u003euser\u003c/span\u003e\n    password: \u003cspan class=\"hljs-variable\"\u003e$apr1\u003c/span\u003e\u003cspan class=\"hljs-variable\"\u003e$x4gcjzrl\u003c/span\u003e\u003cspan class=\"hljs-variable\"\u003e$qSvcJK46C2rQUGRl4z1kl0\u003c/span\u003e\n\u003c/code\u003e\u003c/pre\u003e\n\nOnce the data has been changed, restart adguard.\n\n### Setting to have DNS over TLS or DNS over HTTPS enabled\nIn AdGuard settings, DNS settings:\n- Upstream DNS servers, copy one of these URLs:\n\nFor Cloudfare DoH-DoT:\n```shell\nhttps://dns.cloudflare.com/dns-query\ntls://1dot1dot1dot1.cloudflare-dns.com\n```\nFor DoH-DoT de Quad9:\n```shell\nhttps://dns.quad9.net/dns-query\ntls://dns.quad9.net\n```\n\nand check the option: \"**Load balancing**\", by default this option is checked.\n\n- Boot DNS servers, we put the DNS of our choice:\n\nCloudflared in both IPv4 and IPv6:\n```shell\n1.1.1.1\n1.0.0.1\n2606:4700:4700::1111\n2606:4700:4700::1001\n```\nQuad9 in both IPv4 and IPv6:\n```shell\n9.9.9.9\n149.112.112.112\n2620:fe::fe\n2620:fe::fe:9\n```\n\n- DNS server configuration, check the option \"**Enable DNSSEC**\".\n\n## DNS Cache Configuration\nAfter two years of use, I have collected the data from the Adguard cache with very optimal values. I recommend these usage values:\n\n- We recommend that the **cache size** be greater than 64 megabytes. If you leave it at 0, you disable it.\n- I recommend a **minimum TTL** value of **600**\n- I recommend a **maximum TTL** value of **21600**\n\nAnd I recommend **enabling optimistic caching**, which allows serving old cached responses while they are updated in the background.\n\n## Add domain for DoH and DoT:\n\n### Create the certificate with Let's Encrypt\n\u003cdetails\u003e\n    \u003csummary\u003eCreate the self-signed personal certificate with Let's Encrypt:\u003c/summary\u003e\n\n#### Create the self-signed personal certificate with Let's Encrypt:\nInstalling a free SSL certificate with CertBot:\n\n:one: We update the list of packages.\n```shell\nsudo apt update \u0026\u0026 sudo apt upgrade\n```\n\n:two: Install the Certbot package\n```shell\nsudo apt install certbot\n```\n\u003cp\u003eCerbot Documentation: \u003ca href=\"https://eff-certbot.readthedocs.io/en/latest/\"\u003e\u003cimg src=\"https://img.shields.io/badge/-Certbot-3849b8?style=flat\u0026labelColor=3849b8\" alt=\"Certbot\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n:three: In this section we are going to see the most important options of the command. You can choose the options that you consider most convenient.\n\nCertbot supports a lot of command line options. Here’s the full list, from `certbot --help all`:\n\n :point_right: 3.1 You can add as many domains as you wish with the `--domain` variable. Example:\n  | Description | example |\n  | :-- | :-- |\n  | --domain | --domain example.com --domain example.org |\n  | --domain | --domain example.org,www.example.org |\n  | -d | -d example.com -d example.org |\n  | -d | -d example.org,www.example.org |\n\n :point_right: 3.2 You can change the variable `--rsa-key-size` to the size:\n  | Bit size | Description |\n  | :--: | :-- |\n  | 512 | Insecure |\n  | 1024 | Basic security |\n  | 2048 | Recommended security |\n  | 4096 | Increased security |\n  | 8192 | Maximum security |\n\n :point_right: 3.3. `--csr` The csr variable and a `.cnf` file can perform the following functions. Currently --csr only works with the `certonly` subcommand.\n  - Follow this tutorial that I have added separately to create the csr [![Link](https://img.shields.io/badge/Create_CSR-green.svg?style=flat)](./docs/create-csr.md)\n\n :point_right: 3.4. `--config-dir` You can configure the configuration file with the variable.\n  - The certificate specific configuration options must be set in the `.conf` and I attach an example: [![example.org.conf](https://img.shields.io/badge/example.org.conf-3849b8?style=flat\u0026labelColor=3849b8)](./docs/example.org.conf)\n\n :point_right: 3.5. `--test-cert, --staging` Use the Let's Encrypt staging server to obtain or revoke test (invalid) certificates; equivalent to `--server acme-staging`\n\n :point_right: 3.6. `--hsts` Add the Strict-Transport-Security header to every HTTP response. Force the browser to always use SSL for the domain.\n\n :point_right: 3.7. `--key-type {rsa,ecdsa}`. Type of generated private key. Only *ONE* per invocation can be provided at this time.\n\n :point_right: 3.8. `--quiet` Silence all output except errors.\n\n :point_right: 3.9. `--cert-name` Certificate name to apply. This name is used by Certbot for housekeeping and in file paths; it doesn't affect the content of the certificate itself.\n\n :point_right: 3.10 `--debug` Show tracebacks in case of errors\n\n :point_right: 3.11 `--dry-run` Perform a test run against the Let's Encrypt staging server, obtaining test (invalid) certificates but not saving them to disk.\n\n :point_right: 3.12 `--dns-cloudflare` Obtain certificates using a DNS TXT record (if you are using Cloudflare for DNS).\n\n :point_right: 3.13. `--server` Choose the ACME Directory Resource URI for your server.\n  | Description | Server |\n  | :--: | :-- |\n  | Certificate for production server | https://acme-v02.api.letsencrypt.org/directory |\n  | Certificate for test server | https://acme-staging-v02.api.letsencrypt.org/directory |\n\n :point_right: 3.14. `--elliptic-curve` (default: secp256r1) The SECG elliptic curve name to use.\n  | Type algorithm | Bit size | Description |\n  | :-- | :--: | :-- |\n  | secp192r1 | 192 | Insecure |\n  | secp224k1 | 224 | Basic security |\n  | secp224r1 | 224 | Basic security |\n  | secp256k1 | 256 | Recommended security |\n  | secp256r1 | 256 | Recommended security |\n  | secp283k1 | 283 | Basic security |\n  | secp283r1 | 283 | Basic security |\n  | secp384r1 | 384 | Recommended security |\n  | secp409r1 | 409 | Maximum security |\n  | secp409k1 | 409 | Maximum security |\n  | secp521r1 | 521 | Maximum security |\n  | secp571r1 | 571 | Maximum security |\n  | secp571k1 | 571 | Maximum security |\n\n For the choice of the key to be chosen the difference in the definition of the base point has two important consequences:\n  * **The secpXXXk1 curve has a higher computational efficiency than the secpXXXr1 curve.** This is because the base point of the secpXXXk1 curve is a generation point, which means that it can be used to generate all the other points of the curve. The base point of the secpXXXr1 curve, on the other hand, is not a generation point, so more operations need to be calculated to generate all the other points of the curve.\n  * **The secpXXXr1 curve has higher security than the secpXXXk1 curve.** This is because the base point of the secpXXXr1 curve is a more random point than the base point of the secpXXXk1 curve. This makes it more difficult for attackers to find points on the curve that are not in the set of generation points.\n In general, the secpXXXXk1 curve is a good choice for applications that require computational efficiency, while the secpXXXr1 curve is a good choice for applications that require security.\n\n Examples of applications that could use each curve:\n  | Feature | secpXXXk1 | secpXXXr1 |\n  |---|---|---|\n  | base point | Lower | Higher |\n  | Type | Computational | Security |\n  | Computational Efficiency | Higher | Basic |\n  | Security | Basic | Higher |\n  | Common uses | Digital signature, Cryptocurrencies, public keys encryption | Public key encryption for critical applications, encryption, Public Key Infrastructure (PKI) |\n\nRun the following command modifying the valid email and options as you see fit for your example.\n\nThis example is for acquiring a Wildcard certificate:\n```shell\ncertbot certonly --manual --preferred-challenges=dns --rsa-key-size 4096 --email usuario@ejemplo.com --agree-tos\n--server https://acme-v02.api.letsencrypt.org/directory -d \"*.your_domain\"\n```\n\n:four: Finally, it will ask to make an \u003ccode\u003e_acme-challenge\u003c/code\u003e TXT record in our name server provider with the content it tells us:\nWith cerbot, when using the dns challenge, certbot will ask you to place a` TXT DNS` record with specific contents under the domain name consisting of the hostname for which you want a certificate issued, prepended `_acme-challenge`.\nFor example, for the domain `example.com`, a zone file entry would look like:\n```shell\n_acme-challenge.example.com. 300 IN TXT \"gfj9Xq...Rg85nM\"\n```\n\nIt creates the following files, in the directory \u003ccode\u003e/etc/letsencrypt/live/\u003c/code\u003e:\n - \u003ccode\u003efullchain.pem\u003c/code\u003e – your SSL certificate encrypted in PEM.\n - \u003ccode\u003eprivkey.pem\u003c/code\u003e – your private key encrypted in PEM.\n\n#### Configuración de Lets encrypt\nTo check if the certificate will self-renew:\n* Renewal test (simulación):\u003ccode\u003ecertbot renew --dry-run\u003c/code\u003e\n* Check the status of the Certbot timer service: \u003ccode\u003esystemctl status certbot.timer\u003c/code\u003e\n* To renew a certificate: \u003ccode\u003ecertbot renew\u003c/code\u003e\n\t* To force self-renewal: \u003ccode\u003e--force-renewal\u003c/code\u003e\n* To list jobs: \u003ccode\u003esystemctl list-timers --all\u003c/code\u003e Debe aparecer el siguiente configurado para la renovación automática: \u003ccode\u003ecertbot.timer - certbot.service\u003c/code\u003e\n* Listing certificates: \u003ccode\u003ecertbot certificates\u003c/code\u003e\n\nTo revoke a certificate:\n* Delete a certificate completely: \u003ccode\u003ecertbot delete --cert-name example.com --reason keycompromise\u003c/code\u003e\n* From the account for which the certificate was issued: \u003ccode\u003ecertbot revoke --cert-path /etc/letsencrypt/archive/${YOUR_DOMAIN}/cert1.pem --reason keycompromise\u003c/code\u003e\n* Using the certificate's private key: \u003ccode\u003ecertbot revoke --cert-path /PATH/TO/cert.pem --key-path /PATH/TO/key.pem --reason keycompromise\u003c/code\u003e\n\n\u003cp\u003eIf you do not want to follow all these steps, you can obtain the certificate with \u003ccode\u003eZeroSSL\u003c/code\u003e, but the wildcard certificate is charged.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://zerossl.com/\"\u003e\u003cimg src=\"https://img.shields.io/badge/-ZeroSSL-3849b8?style=flat\u0026labelColor=3849b8\" alt=\"ZeroSSL\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\u003c/details\u003e\n\n### Create the self-signed personal certificate with OPENSSL:\n\u003cdetails\u003e\n    \u003csummary\u003eCreate the self-signed personal certificate:\u003c/summary\u003e\n\n#### Create a self-signed personal certificate:\n\u003cp\u003eSteps you can follow to create a self-signed RSA certificate using OpenSSL with SHA-512 and Subject Alternative Names (SAN).\u003c/p\u003e\n\u003cp\u003eTo learn more about on useful openssl commands for certificates:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.busindre.com/comandos_openssl_utiles_para_certificados\"\u003e\u003cimg src=\"https://img.shields.io/badge/-Link-df8a47?style=flat\u0026labelColor=df8a47\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n1. We update the list of packages.\n```shell\nsudo apt update \u0026\u0026 sudo apt upgrade\n```\n2. Make sure you have OpenSSL installed on your system before proceeding. Install the openssl package:\n```shell\nsudo apt install openssl\n```\n3. Create the directory where we want to store the certificates:\n```shell\nmkdir certs \u0026\u0026\\\ncd certs/\n```\n4. Create certificate with the following command, changing the certificate path or leave the name of the .key and dot crt to store it in the directory:\n\n\t4.1 Generate an RSA private key:\n\t```shell\n\topenssl genpkey -algorithm RSA -out privkey.key -pkeyopt rsa_keygen_bits:2048\n\t```\n\t4.2 Next, we will create a certificate request (CSR) which will contain the certificate information:\n\t```shell\n\tvi csrconfig.cnf\n\t```\n\t```shell\n\t[req]\n\tdistinguished_name = req_distinguished_name\n\treq_extensions = v3_req\n\n\t[req_distinguished_name]\n\tcommonName = your website domain name\n\torganizationName = Your Company Name\n\tcountryName = ES\n\n\t[v3_req]\n\tsubjectAltName = @alt_names\n\n\t[alt_names]\n\tDNS.1 = example.com\n\tDNS.2 = www.example.com\n\t```\n\t4.3 We generate the self-signed certificate with the CSR data:\n\t```\n\topenssl req -new -key privkey.key -out chain.csr -sha512 -config csrconfig.cnf\n\t```\n\t4.4 Create self-signed certificate in PEM format:\n\t```\n\topenssl x509 -req -in chain.csr -signkey privkey.key -out fullchain.pem -sha512 -days 365 -extfile csrconfig.cnf -extensions v3_req\n\t```\n\t4.5 After creating the self-signed certificate, we can verify the content of the certificate if it has been created correctly:\n\t```shell\n\topenssl x509 -in fullchain.pem -text -noout\n\t```\n\u003c/details\u003e\n\n\n### Configure certificate in AdGuard Home:\n1. Open the AdGuard Home web interface and go to configuration.\n2. Scroll down the menu to settings: \u003ccode\u003eEncryption settings\u003c/code\u003e.\n3. Enable check\u003ccode\u003eEnable encryption (HTTPS, DNS via HTTPS and DNS via TLS)\u003c/code\u003e.\n4. Enable \u003ccode\u003eRedirect to HTTPS automatically\u003c/code\u003e.\n5. Enter your domain name in \u003ccode\u003eServer name\u003c/code\u003e. If you are entering a wildcard, enter the domain name only\u003ccode\u003e\"example.com\"\u003c/code\u003e.\n6. Copy/paste the contents of the file `fullchain.pem` in \u003ccode\u003eCertificados\u003c/code\u003e.\n7. Copy / paste the contents of the file `privkey.pem` in \u003ccode\u003ePrivate key\u003c/code\u003e.\n8. Click \u003ccode\u003eSave configuration\u003c/code\u003e.\n\n### Configure the domain to allow private DNS DoH and DoT clients:\nTo create a zone in your domain to enable clients, follow these steps:\n\n1. Mainly in the encryption Adguard section, you must enable the domain \u003ccode\u003eexample.org\u003c/code\u003e.\n2. You have the wildcard \u003ccode\u003e*.example.org\u003c/code\u003e certificate created.\n\n#### Instructions for use:\n\n1. Log into the control panel of your web hosting provider or domain registrar where you purchased the domain name.\n2. Find the `DNS Zones` option.\n3. Create a new `DNS Zones` entry. To add the entry for each client, e.g. `one.example.org`.\nThis will allow the client created in the `Client Configuration` panel to connect.\n4. Configure `Settings/Client Configuration/Persistent clients`. Click `Add Clients` and under `Identifier` create a name.\n\n\u003csup\u003eCurrent instructions in the developer's documentation \u003ca href=\"https://github.com/AdguardTeam/AdGuardHome/wiki/Clients#clientid\"\u003edocumentación\u003c/a\u003e.\u003c/sup\u003e\n\n# List for Pihole \u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/pihole.png\" alt=\"Pi-Hole\" width=\"40\"/\u003e and AdGuard Home \u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/AdGuard_Logo.png\" alt=\"AdGuard Home\" width=\"32\"/\u003e\n\n## Main safelist\n\n| List | Link | Description |\n| :-- | :--: | :-- |\n| safelist repository | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/juanico10/SecureDNS/main/Listas/whitelist.txt) | safelist juanico10 |\n| safelist hagezi | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/hagezi/dns-blocklists/main/whitelist.txt) | safelist hagezi (Not tested) |\n\n\n## Main BlockLists\n\u003csup\u003eColumn Link: Pi-hole® | Adguard Home®.\u003c/sup\u003e\n\n#### Host\n| List Host | Link | Description |\n| :-- | :--: | :-- |\n| List oisd | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://dbl.oisd.nl) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://abp.oisd.nl) | To Block host Adguard and domains [dbl.oisd](https://oisd.nl/) |\n| The big list | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://big.oisd.nl/domains) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://big.oisd.nl/) | The big list [oisd](https://oisd.nl/) |\n| urlhaus-filter-domains | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://malware-filter.gitlab.io/malware-filter/urlhaus-filter-domains.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://malware-filter.gitlab.io/malware-filter/urlhaus-filter-agh.txt) | urlhaus-filter DEV [Link](https://gitlab.com/malware-filter/urlhaus-filter) |\n| everything | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://blocklistproject.github.io/Lists/everything.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/blocklistproject/Lists/master/adguard/everything-ags.txt) | To Block everything |\n| energized pro | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://energized.pro/unified/formats/hosts.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://block.energized.pro/ultimate/formats/hosts.txt) | To Block [energized](https://energized.pro/) |\n| d3ward | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/d3ward/toolz/master/src/d3host.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/d3ward/toolz/master/src/d3host.adblock) | [d3ward](https://github.com/d3ward) popular list |\n\n\n#### Malware / Shock / Porn / Adult\n| List | Link | Description |\n| :-- | :--: | :-- |\n| The NSFW list | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://nsfw.oisd.nl/domains) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://nsfw.oisd.nl/) | The NSFW list [oisd](https://oisd.nl/) |\n| Gambling-porn | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/juanico10/SecureDNS/main/List/Gambling.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://github.com/blocklistproject/Lists/blob/master/adguard/gambling-ags.txt) | To Block Gambling and porn |\n| Malware | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://blocklistproject.github.io/Lists/malware.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/blocklistproject/Lists/master/adguard/malware-ags.txt) | To Block malware |\n| Ransomware | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/blocklistproject/Lists/master/ransomware.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/blocklistproject/Lists/master/adguard/ransomware-ags.txt) | To Block ransomware |\n| phishing | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://phishing.army/download/phishing_army_blocklist_extended.txt) | To Block phishing |\n\n\n#### Tracking/Ads\n| List Tracking/Ads | Link | Description |\n| :-- | :--: | :-- |\n| SmartTV | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/blocklistproject/Lists/master/adguard/smart-tv-ags.txt) | To Block SmartTV |\n| WindowsSpyBlocker | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt) | To Block WindowsSpyBlocker |\n| GoodbyeAds-Ultra | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Hosts/GoodbyeAds-Ultra.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/pro.plus.txt) | To Block [hagezi](https://github.com/hagezi/dns-blocklists) and [jerryn70](https://github.com/jerryn70/GoodbyeAds) |\n| ads-and-tracking-extended | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt) | To Block ads-and-tracking-extended |\n| Adblock_Plus | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/notracking/hosts-blocklists/master/adblock/adblock.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/juanico10/SecureDNS/main/List/Adblock_Plus_Ads.txt) | To Block Tracking AdBlock |\n| Android tracking | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://github.com/juanico10/Pihole_list/blob/main/Listas/android-tracking.txt) | Android tracking for AdGuard Home |\n| Disconnect.me | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt) | To Block disconnect.me |\n\n#### Adguard team filters\n| List Tracking/Ads | Link | Description |\n| :-- | :--: | :-- |\n| AdGuardSDNSFilter | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt) | AdGuard team DNS filter |\n| AdAway | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://adaway.org/hosts.txt) | AdAway default blocklist |\n| Game Console Adblock List | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/DandelionSprout/adfilt/master/GameConsoleAdblockList.txt) | Game Console Adblock List |\n| SmartTV-AGH | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV-AGH.txt) | Smart-TV Blocklist for AdGuard Home |\n| Peter Lowe's List | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://pgl.yoyo.org/adservers/serverlist.php?hostformat=adblockplus\u0026showintro=1\u0026mimetype=plaintext) | Blocklist for use with Adblock Plus |\n\n#### Services\n| List Services | Link | Description |\n| :-- | :--: | :-- |\n| Youtube | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/blocklistproject/Lists/master/youtube.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/blocklistproject/Lists/master/adguard/youtube-ags.txt) | To Block youtube |\n| Facebook | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://github.com/jmdugan/blocklists/blob/master/corporations/facebook/all) | To Block Facebook/Instagram/Whatsapp |\n| Whatsapp open | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/jmdugan/blocklists/master/corporations/facebook/all-but-whatsapp) | To Block Facebook/Instagram but leave Whatsapp open |\n| Google | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/jmdugan/blocklists/master/corporations/google/all) | To Block Google |\n| Mozilla | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/juanico10/SecureDNS/main/List/mozilla.txt) \u0026#124; [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/juanico10/SecureDNS/main/List/mozilla_adguard.txt) | To Block Mozilla tracking |\n| Microsoft | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/jmdugan/blocklists/master/corporations/microsoft/all) | To Block Microsoft |\n| VideoGamesAdiction | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/juanico10/SecureDNS/main/List/VideoGamesAdiction.txt) | To Block VideoGames Adiction |\n\n\n#### uBlock Origin uAssets\n| List Services | Link | Link dev | Description |\n| :-- | :--: | :--: | :-- |\n| uBlock filters | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/filters.txt) | [Link DEV](https://github.com/uBlockOrigin/uAssets/tree/master/filters) | uBlock filters |\n| Badware risks | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/badware.txt) | [Link DEV](https://github.com/uBlockOrigin/uAssets/tree/master/filters) | uBlock filters – Badware risks |\n| Privacy | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/privacy.txt) | [Link DEV](https://github.com/uBlockOrigin/uAssets/tree/master/filters) | uBlock filters – Privacy |\n| Quick fixes list | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/quick-fixes.txt) | [Link DEV](https://github.com/uBlockOrigin/uAssets/tree/master/filters) | Quick fixes list |\n| Resource abuse | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/resource-abuse.txt) | [Link DEV](https://github.com/uBlockOrigin/uAssets/tree/master/filters) | uBlock filters – Resource abuse |\n| Unbreak | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/unbreak.txt) | [Link DEV](https://github.com/uBlockOrigin/uAssets/tree/master/filters) | uBlock filters – Unbreak |\n| i-dont-care-about-cookies | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/unbreak.txt) | [Link DEV](https://www.i-dont-care-about-cookies.eu/) | i-dont-care-about-cookies |\n| urlhaus-filter | [![Link](https://img.shields.io/badge/Link-green.svg?style=flat)](https://malware-filter.gitlab.io/malware-filter/urlhaus-filter.txt) | [Link DEV](https://gitlab.com/malware-filter/urlhaus-filter) | urlhaus-filter |\n\n\u003csup\u003eA tab has been added for AdGuard with lists adapted to its format.\u003c/sup\u003e\n\n\n### Check your SelfHosted:\n\n\u003cdetails\u003e\n\u003csummary\u003efivefilters:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check your selfhosted from fivefilters\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://blockads.fivefilters.org/\"\u003e\u003cimg src=\"https://img.shields.io/badge/fivefilters-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\u003cdetails\u003e\n\u003csummary\u003ed3ward:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check your selfhosted from [d3ward](https://d3ward.github.io/toolz/)\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://d3ward.github.io/toolz/adblock.html\"\u003e\u003cimg src=\"https://img.shields.io/badge/d3ward-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\u003cdetails\u003e\n\u003csummary\u003ecanyoublockit:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check your selfhosted from canyoublockit\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://canyoublockit.com/\"\u003e\u003cimg src=\"https://img.shields.io/badge/CanYouBlockit-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\u003cdetails\u003e\n\u003csummary\u003eNo more ads:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check your selfhosted from No more ads\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://ads-blocker.com/es/pruebas/\"\u003e\u003cimg src=\"https://img.shields.io/badge/Nomoreads-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\n\u003cdetails\u003e\n\u003csummary\u003eAdBlock Tester:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check your selfhosted from AdBlock Tester\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://adblock-tester.com/\"\u003e\u003cimg src=\"https://img.shields.io/badge/AdBlocktester-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n### Check DoH, DoT and DDNSSEC:\n\n\u003cdetails\u003e\n\u003csummary\u003e1.1.1.1 de Cloudflare:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check encryption of 1.1.1.1 de Cloudflare\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://1.1.1.1/help\"\u003e\u003cimg src=\"https://img.shields.io/badge/Cloudflare-1.1.1.1-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\u003cdetails\u003e\n\u003csummary\u003eTenta VPN Browser:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check encryption of Tenta VPN Browser\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://tenta.com/test/\"\u003e\u003cimg src=\"https://img.shields.io/badge/Tenta-Browser-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\u003cdetails\u003e\n\u003csummary\u003eCloudflare:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check encryption of Cloudflare\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://www.cloudflare.com/es-es/ssl/encrypted-sni/\"\u003e\u003cimg src=\"https://img.shields.io/badge/cloudflare-encryptedsni-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n#### The technologies analysed are:\n1. Secure DNS: a technology that encrypts DNS queries and includes DNS-over-TLS and DNS-over-HTTPS.\n2. DNSSEC: a technology designed to verify the authenticity of DNS queries.\n3. TLS 1.3: the latest version of the TLS protocol that includes many improvements and closes security holes from previous versions.\n4. Encrypted SNI: stands for Server Name Indication encryption that reveals the hostname during a TLS connection. This technology aims to ensure that only the IP address can be leaked.\n\u003cp\u003e\u003csup\u003eThe only browser that supports all four technologies is Firefox.\u003c/sup\u003e\u003c/p\u003e\n\n#### To activate the technologies, go to `about:config` and activate:\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003enetwork.security.esni.enabled\u003c/code\u003e - pulsamos en el \u003ccode\u003e+\u003c/code\u003e y se ponga en \u003ccode\u003etrue\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003enetwork.trr.mode\u003c/code\u003e – (valor 2)\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003enetwork.trr.uri\u003c/code\u003e – \u003ca href=\"https://mozilla.cloudflare-dns.com/dns-query\"\u003evalor en la web Mozilla.\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ccode\u003eHTTPS-Only Mode\u003c/code\u003e - pulsamos en el \u003ccode\u003e+\u003c/code\u003e y se ponga en \u003ccode\u003etrue\u003c/code\u003e.\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\u003cdetails\u003e\n\u003csummary\u003eDNSSEC Resolver Test:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check DNSSEC\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"http://dnssec.vs.uni-due.de/\"\u003e\u003cimg src=\"https://img.shields.io/badge/dnssec-unidue-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"http://www.dnssec-or-not.com/\"\u003e\u003cimg src=\"https://img.shields.io/badge/dnssec-ornot-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"http://en.conn.internet.nl/connection/\"\u003e\u003cimg src=\"https://img.shields.io/badge/connection-internet-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://wander.science/projects/dns/dnssec-resolver-test/\"\u003e\u003cimg src=\"https://img.shields.io/badge/wander-project-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check DNSSEC encryption\u003c/Original\u003e\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://rootcanary.org/test.html\"\u003e\u003cimg src=\"https://img.shields.io/badge/rootcanary-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u0026nbsp;\n\n\u003cdetails\u003e\n\u003csummary\u003eDNS leak test:\u003c/summary\u003e\n\n\u003cOriginal\u003e\u0026nbsp;Page to check DNS leakage\u003c/Original\u003e\n\n\u003cp\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://www.dnsleaktest.com/\"\u003e\u003cimg src=\"https://img.shields.io/badge/DNSleak-test-2aa8ff.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\u003c/details\u003e\n\u0026nbsp;\n\n## Applications for Pi-hole® or Adguard Home®.\nLink to the developer of the application:\n[![GitHub](https://img.shields.io/badge/-JGeek00-171515?style=flat\u0026logo=Github\u0026logoColor=black\u0026labelColor=ffffff\u0026color=ffffff)](https://github.com/JGeek00/)\n#### Pi-hole® android application\n\u003cp\u003e\u003ca\u003e\u003ca href=\"https://play.google.com/store/apps/details?id=com.jgeek00.droid_hole\" target=\"_blank\" rel=\"noopener noreferrer\"\u003e\u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/get_google_play.png\" width=\"120px\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n#### Adguard Home® android application\n\u003cp\u003e\u003ca\u003e\u003ca href=\"https://play.google.com/store/apps/details?id=com.jgeek00.adguard_home_manager\" target=\"_blank\" rel=\"noopener noreferrer\"\u003e\u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/get_google_play.png\" width=\"120px\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n## Desktop applications for Adguard Home®.\nLink to the developer of the application:\n[![GitHub](https://img.shields.io/badge/-Juanico10-171515?style=flat\u0026logo=Github\u0026logoColor=black\u0026labelColor=ffffff\u0026color=ffffff)](https://github.com/juanico10/)\n\u003cp\u003e\u003ca\u003e\u003ca href=\"https://github.com/juanico10/adguard-home-manager-desktop\" target=\"_blank\" rel=\"noopener noreferrer\"\u003e\u003cimg src=\"https://github.com/juanico10/Pihole_list/blob/main/assets/get-github.png\" width=\"120px\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003csub\u003eAny and all rights and responsibilities pertaining thereto remain the property of the respective developer.\u003c/sub\u003e\u003c/p\u003e\n\n## Help me and contribution :raised_hands:\n\u003cp\u003e \u0026nbsp;If you want to contribute to improve the lists, open a \u003ccode\u003eissue\u003c/code\u003e here:\u003c/p\u003e\n\u003ca href=\"https://github.com/juanico10/SecureDNS/issues\"\u003e\u003cimg src=\"https://img.shields.io/badge/issues-green.svg?style=flat\" alt=\"Link\"\u003e\u003c/a\u003e\n\n## Credits :rocket:\nThis repository is made with all my love and affection.\n\n[![GitHub](https://img.shields.io/badge/-Juanico10-171515?style=flat\u0026logo=Github\u0026logoColor=black\u0026labelColor=ececec\u0026color=ececec)](https://github.com/juanico10/)\n\n## :tada: ¡Ready!\n\n\u0026nbsp;\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/catppuccin/catppuccin/main/assets/footers/gray0_ctp_on_line.svg?sanitize=true\" /\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003csup\u003eThese files/texts are provided \"AS IS\", without warranties of any kind, express or implied, including, but not limited to, warranties of merchantability, fitness for a particular purpose and non-infringement. In no event shall the authors or copyright holders be liable for any claims, damages or other liability arising out of or relating to the files or the use thereof.\u003c/sup\u003e\u003c/p\u003e\n\u003cp\u003e\u003csup\u003eI will be updating with information and adding procedures in my spare time. The author of the content is juanico10. You can contact me at \u003ca href=\"mailto:juanico1007@gmail.com?Subject=from%20github\"\u003emailto\u003c/a\u003e and the author's website is \u003ca href=\"https://github.com/juanico10/\"\u003ewebsite\u003c/a\u003e.\u003c/p\u003e\u003c/sup\u003e\n\u003cp\u003e\u003csub\u003eAny and all trademarks are the property of their respective owners.\u003c/sub\u003e\u003c/p\u003e\n\u003cp align=\"center\"\u003e\u003ca href=\"https://raw.githubusercontent.com/juanico10/SecureDNS/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/static/v1.svg?style=for-the-badge\u0026label=License\u0026message=MIT\u0026logoColor=d9e0ee\u0026colorA=302d41\u0026colorB=b7bdf8\"/\u003e\u003c/a\u003e\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjuanico10%2Fsecuredns","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjuanico10%2Fsecuredns","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjuanico10%2Fsecuredns/lists"}