What it does (and how it compares)
- DNS blocking: returns 0.0.0.0 for ad/tracker domains.
- Built-in DoH/DoT: easy encrypted upstream DNS or serve DoH/DoT to clients.
- Per-client rules: different blocklists for TVs, kids, guests, etc.
- Compared to Pi-hole: similar core idea; AdGuard Home has smoother DoH/DoT setup and client policies; Pi-hole has a super-light footprint and huge community. Both are great.
Quick install options
Docker (any OS with Docker)
docker run -d --name adguardhome \
--restart unless-stopped \
-v /opt/adguardhome/work:/opt/adguardhome/work \
-v /opt/adguardhome/conf:/opt/adguardhome/conf \
-p 53:53/tcp -p 53:53/udp \
-p 3000:3000/tcp -p 80:80/tcp -p 443:443/tcp \
adguard/adguardhomeOpen http://<your-lan-ip>:3000 to finish setup. Afterwards the admin UI lives on port 80/443.
Linux script (official)
curl -s -S -L https://static.adguard.com/adguardhome/release/AdGuardHome_linux_amd64.tar.gz \
| tar -xz && sudo ./AdGuardHome/AdGuardHome -s installSet a static LAN IP first so your DNS address doesn’t change.
Point devices at it
- Best: set your router’s LAN DNS to the AdGuard Home IP (affects all clients).
- Per-device: set DNS manually on computers/phones to the AdGuard Home IP.
Recommended settings
- Keep the default blocklists; optionally add one consolidated list (e.g., OISD) for broader coverage.
- Encrypted upstream DNS: choose DoH/DoT or point to a local Unbound resolver.
- Client rules: create groups (TVs, Kids) with stricter lists; keep your devices on a lighter profile for fewer breakages.
- Query logs: keep short retention or anonymize if you don’t want per-client history.
Verify it’s working
- Open the dashboard → you should see queries/blocks as you browse.
- On a client device, run nslookup doubleclick.net → expect 0.0.0.0.
- If you enabled DoH/DoT for clients, test with a DoH/DoT-aware tool and confirm it hits your box, not a public resolver.
Get AdGuard Home
Disclosure: not affiliated.