Home

Awesome

Roll your own Adblocking VPN

This is a how to guide to creating your own VPN server that also blocks malicious domains to enhance your security and privacy while browsing.

How does this work?

Quite simply, this guide will set you up with a Linux server that runs OpenVPN, with Dnsmasq, with a modified hosts file that routes offending sites to 0.0.0.0.

Prerequisites

Instructions

  1. Get OpenVPN installed on your server. For this, we will use Nyr's fantastic OpenVPN installer script
  1. Now we're going to overwrite our hosts file to route malicious domains to 0.0.0.0 by using StevenBlack's amazing hosts project.
  1. Install Dnsmasq
  1. We need to edit the dnsmasq config file to do a few things:
  1. Edit the OpenVPN config file to resolve dhcp through dnsmasq
  1. Create a crontab entry that updates your hosts file every night at midnight:
  1. Restart the services
  1. At this point, we have an OpenVPN server routing traffic through Dnsmasq, which is checking our hosts file for malicious hosts, and falling back to a DNS provider for non-malicious hosts. Using the .ovpn file from earlier, you can now connect to the VPN from your client.

Adding/Removing Users

Thanks to the thoughtful work on Nyr, we can just use their script from the first step to manage users. It will detect that OpenVPN is already installed and prompt you to Add a new User, Removing existing user, or Remove OpenVPN completely: wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

License

These instructions are licensed under an MIT License