Hi, I use Windows 8.1 Pro (x64) My ISP is injecting ads into websites I've installed ad blockers like uBlock Origin but still I could see ads I found the IP Address of the ads. Should I block the IP in Firewall / Hosts file and will it work ? If it is hosts file, what entry do I need to enter in the hosts file ? Please share a sample on how to block a IP in hosts file
You can only block domains using hosts file not IPs. I would block that IP using firewall on router, if not possible then Windows firewall, but you will have to enable outbound monitoring. If that happened to me I would also start using VPN for my casual browsing and use https wherever possible.
Other than in hosts files it's possible to block IPs in uBlock Origin (or uMatrix). Just blacklist that IP in Dynamic Filtering should solve the problem.
If your ISP is injecting something that causes a third-party request, uBlock Origin could fail to block that request if it is not covered by an explicit block rule. However, shouldn't uBlock Origin still be able to recognize/block it as a third-party request? IOW, I'm wondering if you are taking full advantage of uBO's capabilities. If, on the other hand, your ISP injects ads in a manner that doesn't cause third-party requests [and doesn't utilize Javascript] then I think you would have to rely on a cosmetic filter. I'll differ to those more familiar with uBO on such points. You've already had some replies on that subject. I would add: have you determined whether it is using multiple IP Addresses? Even if it isn't now, it might down the road. Blocking an IP Address range, or ranges, might prove more beneficial than blocking individual addresses. You may have some other options too, if what is injected can be sufficiently reliably identified and effectively striped from HTTP pages. However, if your ISP has crossed such a line then you have a more general problem to deal with. Arguably, your ISP, its network, its servers, its equipment... everything... should be considered unsafe for you and others to use. Are you using its DNS server? It's router? Email server? Any other products/services? Implementing some ad/tracker/third-party block rules, forcing HTTPS for everything you can, blocking all mixed content at important sites, etc... for all devices and contexts mind you... would be a beneficial short-term response. However, you'll likely want a more comprehensive, longer-term, "solution" though.
I second the VPN idea- not only will it prevent the ISP from injecting ads but it will also prevent them from seeing where youre browsing (and thus will prevent them from selling that data, if they do..). Of course, you just move your trust from your ISP to your VPN provider, so theres that.
Thanks TheWindBringeth, summerheat and Anonfame1 for your replies. I believe my ISP is injecting ads only when I visit http sites and not when I visit https sites. I have noticed that many times. I checked these ads for few days and noticed these ads are from a single IP only. Not from a range of IPs I'm not using my ISP DNS. For DNS I have configured DNSCrypt. I have also installed HTTPS Everywhere extension in my browser. I have bought myself a basic D-Link modem/router and I do not use the router supplied by my ISP. Also I never used my ISP email service / email server When I searched, many customers using this ISP have made several complaints about this issue and it looks like ISP is not going to stop this shady practice. I do not have any immediate plan to change my ISP for some reasons. Also no immediate plan to invest in a paid VPN solution. Since the current speed offered by my ISP is not good and when I tried a free VPN solution the internet speed came down further. I'm thinking of trying 'AdFender'. Not sure if this solution will block the ads. Also I'm going to search if there is an option in my D-link modem/router to block this IP
FWIW, I came across these after I posted: http://www.crazyengineers.com/threa...rtisements-in-your-browser.88882/#post-373374 https://gist.github.com/d34dman/fb1c3cfb7f737626006572dc1ba3ff9f Glad to hear that. Earlier I jotted down some things I recall hearing that some ISPs were doing. Watch your back where appropriate: NXDOMAIN overriding Intercepting and responding to queries meant for other DNS servers HTTP redirection for purposes of appending affiliate codes HTTP MITMing to inject advertising and/or tracking components and/or affiliate codes STARTTLS stripping when users access other email servers Datamining of HTTP and HTTPS traffic patterns for advertising/profiling purposes Header enrichment Exposing customers to advertising/tracking/analytics/CRM companies via account management pages, webmail interface, etc
It is not I think common ISPs doing that. From what country are you from and what ISP? And I second a VPN connection if it is really the ISP problem you have.
Hm, why? Haven't you tried to blacklist that IP in uBlock Origin's Dynamic Filtering? For most routers this should be possible.
change your dns address in your modem router and disable "Dnscache Service" permanently Permanently disable DNS caching on Win Vista and Win 7 Click the start button. Type services.msc in the search box. Click on services.msc in the search results. Scroll down until you see "DNS Client" in the "Name" column. Double click on "DNS Client." Click the Stop button.
@ TheWindBringeth Thanks for the heads up and the links @ summerheat Have not done that before. I have to read documentation to find how to do this in uBlock Origin. @ Jarmo P India and my ISP is BSNL. Minimum internet broadband speed in India is still pathetic @ Liba Thanks. I will check and try that
Just block that IP in the global column in the Dynamic Filtering pane (where it should show up) and save that rule with the padlock.
You are using Chrome I think. Add uBlock Origin Websocket extension from gorhill. This idea came to me from another uBO post in wilders where I saw it blocking those websocket connection ads.