NextDNS
@NextDNS
Followers
8K
Following
9
Media
42
Statuses
233
The new firewall for the modern Internet. For help, check out https://t.co/GYMNQJdvOT.
Joined May 2019
Hello #Web3 π! NextDNS now supports and acts as an unfiltered gateway for @ensdomains (.eth), @unstoppableweb (.crypto), @HNS and @IPFS. Experience the new Web firsthand β on all browsers and devices β without the need to install anything. Enable it now in the Settings tab.
13
46
190
We are perfecting our widely used "Allow Affiliate & Tracking Links" feature that unblocks links in emails and on deals websites that you manually click. Starting today, your IP address will automatically be hidden from those websites to preserve your privacy (via TCP proxying).
9
18
192
We are now blocking 1400+ domains linked to #NSOGroup/#Pegasus via our Threat Intelligence Feeds feature. Thanks @AmnestyTech @tenacioustek for the findings.
6
31
186
We are so proud and excited to see come to life β a lot of tech and experience from NextDNS went into making this a reality. Please spread the word to your πͺπΊ European friends and colleagues!.
10
33
172
At NextDNS, we β€οΈ @Tailscale. Today, we are so thrilled to announce that you can now set up NextDNS natively in your tailnet β you can even assign separate NextDNS profiles to specific nodes if you'd like. Thanks @bradfitz and the team!.
3
30
158
Introducing our Apple Configuration Profile Generator: enable NextDNS natively on Apple devices using the new system Encrypted DNS feature β without the need for an app. Works on iOS 14, iPadOS 14, tvOS 14 and macOS Big Sur. Available at
13
25
157
Introducing AI-Driven Threat Detection β our proprietary AI engine designed from the ground up for DNS with hundreds of signals, terabytes of training data and real-time decision making. This is joining our comprehensive set of security features. Enable it in the Security tab.
10
32
144
After launching a year ago, and a few locations later, today we are officially announcing the end of our beta. Subscribe now if you can, and thanks for your support! Stay safe
26
30
145
You can now download the entirety of your DNS logs on NextDNS. Those include every bit of log data we store for you, following our strict policy of "What You See Is What We Have" (WYSIWWH). Or, in the words of that old Zero Wing game:. ALL YOUR LOG ARE BELONG TO YOU.
6
16
143
To better secure your account, we have added Two-Factor Authentication (2FA) on You can enable it now from your account page.
10
22
120
We would like to wish everyone a very happy new year!. A few hints of what's in the pipe for early 2021 on our side: "ultra low", "3" and "dark". Stay put and stay safe!
8
8
117
Responding to the massive #Microsoft credential leak affecting many people and organizations worldwide, we are β as of right now β blocking all potentially malicious #autodiscover domains. This includes all IANA TLDs and all public suffixes (e.g. .
4
19
112
Introducing Recreation Time β only allow some websites, apps and games during a specific time period each day of the week. E.g., only allow Facebook, YouTube, Twitch and Fortnite on Wednesdays and Fridays between 6:30pm and 8pm, and on Saturdays and Sundays between 1pm and 8pm.
10
17
113
Introducing Native Tracking Protection: block system-level trackers and abusive telemetry from Xiaomi, Huawei, Windows and others. Those can't be blocked by browser privacy extensions.
6
20
111
We are releasing some improvements to our Logs feature:. 1. Streaming β displays queries as they are made. 2. Simple mode β deduplicates A/AAAA/HTTPS queries and hides more advanced queries (that do not result in direct connections), and more.
3
6
98
Introducing our official API β you can now programmatically manage your profiles, fetch analytics and stream your logs. This is available to all NextDNS accounts today (get your API key on your account page). Documentation is at
5
14
94
NextDNS switched to the new full ECDSA certificate chain of @letsencrypt. Its smaller size is perfect for faster DoH/DoT handshakes. If you pin our certs, do not forget to update it.
5
9
93
Are you already on iOS 14? Do you want to try the new native Encrypted DNS feature? The first beta of NextDNS for iOS 14 is now available at Note: having a NextDNS account is entirely optional.
11
16
88
Introducing Access β easily provide editing or viewing-only access to any of your profiles to others. This is available today at the bottom of the Settings tab.
4
12
89
Introducing version 3.0 of our Windows app β state-of-the-art kernel-level DNS interception, MDM deployments and #Windows11 modern UI. Latest 2 are coming soon. Try the beta today at:. Please share bug reports and suggestions at:.
11
15
84
Security notice β we deployed a mitigation against the new SAD DNS attack announced earlier this week by researchers from @UCRiverside and @Tsinghua_Uni.
2
9
70
You can now choose where your NextDNS logs are being stored (if you enabled them): πΊπΈUnited States, πͺπΊEuropean Union or π¨πSwitzerland!
6
11
69
Amplifying this important call for threat intelligence partners from @dns0eu. Please spread the word if you can.
Help us secure the πͺπΊ European Internet. If you are:.- a commercial threat intelligence provider.- a CERT.- a company or institution wanting to protect their users from phishing. And you can provide with a list of malicious domains to be blocked. [1/3].
16
13
56
So many of you have helped us translate NextDNS in many languages β we are immensively grateful for that. If you can spare some time, please help us with translating our πͺπΊ European non-profit initiative
is available in all 24 official languages of the πͺπΊ European Union. Please help us improve the translations in your language by upvoting the best translations and downvoting the incorrect ones, or suggesting new ones. β
4
10
57
iOS 14/native Encrypted DNS status:. - Our app submission is currently being reviewed by Apple. - For those who really can't wait, our TestFlight beta is available at - You can now use a Configuration Profile to use NextDNS on iOS 14 (see screenshot).
1
7
55
Hey @AskPayPal, we've been trying to confirm our business identity for more than a month with your support. You keep asking us the same documents, and snooze us for days if not weeks after each exchanges. This is delaying our launch and endangering our company. Please help us.
15
10
58
Introducing CNAME Flattening: prevent CNAME-chasing resolvers from making unnecessary queries and pollute the logs with intermediate domains. Recommended for macOS, iOS and when running unbound. Note: your router may be using unbound as resolver without making it obvious.
5
4
46
Introducing Cache Boost: Minimize DNS queries by enforcing a minimum TTL (Time to live). Head over to the Settings to try it out!. Learn more on our changelog:
5
8
48
During these difficult times, we are protecting you and your close ones against COVID-19 phishing threats (thanks to @ThreatCoalition amazing work).
1
17
48
For those of you using our Block Page feature, you can now optionally install and trust our NextDNS Root CA to remove the HTTPS warning. Instructions on how to do this at
6
9
46
You can now set up NextDNS natively with @TwingateHQ β one of the best zero trust solutions on the market. Organizations and pro users can now combine the capabilities of both services on their network π. Read more at
0
5
44
We added the ability to export your query logs via the syslog protocol over TCP or TLS. If you are interested, please DM us to test it. We are curious to learn about your use case.
6
4
42
Introducing Affiliation. Help us spread the word about NextDNS and get rewarded for it while we focus our time improving the service. We made it as simple as it can be, anyone with a NextDNS account can immediately start sharing their own custom link.
7
3
39
We're translating NextDNS, starting with French, Simplified Chinese and Traditional Chinese are already available. Want to help us improve those or support more languages? Read Free subscriptions for anyone helping! π.
7
10
38
- We made a free online analysis tool to check if a website is disguising third-party trackers as first-party trackers
1
18
35
Say hello to our official open source command-line client for Linux, FreeBSD and macOS! DNS-over-HTTPS, Hardened Privacy Mode, and more. Check it out at
2
7
25
CNAME Cloaking, the dangerous disguise of third-party trackers β An in-depth exploration of a new method used by tracking companies to disguise their third-party trackers as first-party trackers.
1
19
22
We're looking for a talented Windows kernel dev with WFP experience for some freelance work. PM us (or retweet if you can).
1
17
21
We've just submitted NextDNS to ProductHunt, spread the word if you can!
0
11
21
At 4:24pm UTC, a bug in our blocklist management system made a lot of popular domains to be wrongly blocked by our default recommended blocklist. We rolled back the change at 4:40pm, as soon as we noticed the issue. We are sorry for the inconvenience.
0
1
19
New feature: Service Block Pause! Unblock a service for 30 minutes, 1 hour or until the end of the day so you donβt forget to put it back. It's now easier than ever to trade minutes of Youtube against chores from your kid. Try it now on Feedback welcome!
0
3
17
NextDNS first to support blocking of ALL third-party trackers disguised as first-party
0
2
15
New feature: Traffic Destination Countries β See where your Internet traffic goes! Try it now on
0
5
16
Oh, and if you want a custom cool-looking code instead of the randomly assigned one, talk to us!.
2
0
13
A few websites that are disguising third-party trackers as first-party:. Fox News: CNN: BBC: WebMD: ESPN: Ars Technica: (1/2).
2
6
14
The NextDNS Windows app is finally here! Easiest way to get DNS-over-HTTPS on Windows, bypass censorship & network blocks and block ads & trackers using your NextDNS configuration. Download it now:
3
3
14
@Mathieulh You can chose not to logs, what to log, for how long ans where. You are in control. Enabling logs is a good way to monitor who is tracking you and the effectiveness of the filters you selected.
1
0
12
@pcguy8088 You probably enabled cloudflare DoH in Firefox which is overriding your DNS system setting for this browser.
2
0
11
New feature: Tracker Insights! Quickly see who is tracking you, how much of your web traffic they are tracking, and more. Try it right now on Feedback welcome!
0
2
11
Shorter version: if you're seeing a lot of "com" queries in your NextDNS logs, try turning this on.
1
0
11
@grooveplex We (the founders) are running our own support, what did we do to you ;) ? Our faces and names are at the bottom of and our privacy policy is here:
0
0
10
(2/2) . (Disney): Washington Post: Walmart: Apple: NFL: T-Mobile: State Farm:
0
0
11
@BrendanEich any plans to have the Secure DNS setting already available in Chrome in Brave? Asking for our users
1
0
4
@SuddhaC @firefox @Cloudflare In NextDNS case, there is no data to give access to, as absolutely nothing is logged in the context of Firefox TRR.
1
0
4
@_prosumer_ No, just make sure it's verified when installing, then the profile itself can't/won't change. Not much we can do about that, Apple works that way.
0
0
3
@benmontour @abuse_ch We are already using URLhaus from @abuse_ch (among many others) in our new Threat Intelligence Feeds security feature.
0
0
2
@pedro38207 You canβt achieve this without a root CA. Our root CA priv key is offline and we use a TPM for the revokable intermediary CA able to generate short lived edge CA used to create those dummy certs. Itβs not right, but still, itβs opt-in, so feel free to skip it :).
0
0
3
@JonEFive_Alive @Quad9DNS @RNMc3 @Xfinity You have to disable Xfinity Safe Browsing as it is blocking popular DoH hostnames.
1
0
3
@RMerlinDev ASUS Merlin's CA root chain seems to miss LetsEncrypt ISRG Root X1, which breaks our new full ECC cert and will break all @letsencrypt based certs by September. Is it possible to update the root chain in a future rev?.
1
0
2
@AlexanderMatzen The app is just there for the setup now, so battery consumption is nil. On the system side of things, it's probably negligible (and handled entirely by the OS).
1
0
2
@SeanWrightSec @WrestlerDrunk @UK_Daniel_Card This can also be done in Chrome (it's under "Use secure DNS"). It's a phased release though, not sure what's the current %.
1
0
2
@AwesomeSheep48 Yes, you can modify the "ServerURL" value inside the .mobileconfig file and add your device name to the DNS-over-HTTPS URL (see bottom of the Setup tab on how to format it).
0
0
2
@BlnaryMlke Yes, Apple requires an app, but it's mostly never used except for the initial setup.
0
0
2