AdGuard Home is a network-wide software for blocking ads & tracking. After you set it up, it'll cover ALL your home devices, and you don't need any client-side software for that.
AdGuard Home operates as a DNS server that re-routes tracking domains to a "black hole," thus preventing your devices from connecting to those servers. It's based on software we use for our public [AdGuard DNS](https://adguard.com/en/adguard-dns/overview.html) servers -- both share a lot of common code.
Download this file: [AdGuardHome_v0.92_MacOS.zip](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92/AdGuardHome_v0.92_MacOS.zip), then unpack it and follow ["How to run"](#how-to-run) instructions below.
### Windows 64-bit
Download this file: [AdGuardHome_v0.92_Windows.zip](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92/AdGuardHome_v0.92_Windows.zip), then unpack it and follow ["How to run"](#how-to-run) instructions below.
Download this file: [AdGuardHome_v0.92_linux_amd64.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92/AdGuardHome_v0.92_linux_amd64.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.
Download this file: [AdGuardHome_v0.92_linux_386.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92/AdGuardHome_v0.92_linux_386.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.
Download this file: [AdGuardHome_v0.92_linux_arm.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92/AdGuardHome_v0.92_linux_arm.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.
You can run AdGuard Home without superuser privileges, but you need to either grant the binary a capability (on Linux) or instruct it to use a different port (all platforms).
#### Granting the CAP_NET_BIND_SERVICE capability (on Linux)
Upon the first execution, a file named `AdGuardHome.yaml` will be created, with default values written in it. You can modify the file while your AdGuard Home service is not running. Otherwise, any changes to the file will be lost because the running program will overwrite them.
*`bind_host` — Web interface IP address to listen on.
*`bind_port` — Web interface IP port to listen on.
*`auth_name` — Web interface optional authorization username.
*`auth_pass` — Web interface optional authorization password.
*`dns` — DNS configuration section.
*`port` — DNS server port to listen on.
*`protection_enabled` — Whether any kind of filtering and protection should be done, when off it works as a plain dns forwarder.
*`filtering_enabled` — Filtering of DNS requests based on filter lists.
*`blocked_response_ttl` — For how many seconds the clients should cache a filtered response. Low values are useful on LAN if you change filters very often, high values are useful to increase performance and save traffic.
*`querylog_enabled` — Query logging (also used to calculate top 50 clients, blocked domains and requested domains for statistical purposes).
*`ratelimit` — DDoS protection, specifies in how many packets per second a client should receive. Anything above that is silently dropped. To disable set 0, default is 20. Safe to disable if DNS server is not available from internet.
*`ratelimit_whitelist` — If you want exclude some IP addresses from ratelimiting but keep ratelimiting on for others, put them here.
*`refuse_any` — Another DDoS protection mechanism. Requests of type ANY are rarely needed, so refusing to serve them mitigates against attackers trying to use your DNS as a reflection. Safe to disable if DNS server is not available from internet.
*`bootstrap_dns` — DNS server used for initial hostname resolution in case if upstream server name is a hostname.
*`parental_sensitivity` — Age group for parental control-based filtering, must be either 3, 10, 13 or 17 if enabled.
*`parental_enabled` — Parental control-based DNS requests filtering.
*`safesearch_enabled` — Enforcing "Safe search" option for search engines, when possible.
*`safebrowsing_enabled` — Filtering of DNS requests based on safebrowsing.
You are welcome to fork this repository, make your changes and submit a pull request — https://github.com/AdguardTeam/AdGuardHome/pulls
### How to update translations
If you want to help with AdGuard Home translations, please learn more about translating AdGuard products here: https://kb.adguard.com/en/general/adguard-translations
Here is a direct link to AdGuard Home project: http://translate.adguard.com/collaboration/project?id=153384
If you run into any problem or have a suggestion, head to [this page](https://github.com/AdguardTeam/AdGuardHome/issues) and click on the `New issue` button.
You might have seen that [CoreDNS](https://coredns.io) was mentioned here before — we've stopped using it in AdGuardHome. While we still use it on our servers for [AdGuard DNS](https://adguard.com/adguard-dns/overview.html) service, it seemed like an overkill for Home as it impeded with Home features that we plan to implement.
For a full list of all node.js packages in use, please take a look at [client/package.json](https://github.com/AdguardTeam/AdGuardHome/blob/master/client/package.json) file.
