3. Necessary to use HTTPS on AdGuard Home interface when connecting via VPN?

Necessary to use HTTPS on AdGuard Home interface when connecting via VPN?

Can you explain the difference?

Between what? Server and client?

AdGuard is a DNS proxy: it is a server to the devices using it, and a client to the upstream servers it uses. It can also provide DNS to its clients via DoH or DoT. This is probably overkill if you're only running it inside your LAN.

I connect to my AdGuard via DoH because it's running on a VPS in Frankfurt.

whether it’s more secure to resolve DNS natively on my iPhone with AdGuard Pro using NextDNS DoH rather than do it via Tailscale to connect to my AGH at home which uses DoT and DoH upstreams.

Security-wise, it makes little difference. You have an encrypted connection all the way to the upstream resolving DNS server. At that point, it's purely a question of how much you trust the people operating the upstream server. Plus the performance penalty of routing stuff via a residential DSL/cable connection, which may or may not be an issue for you.

/r/selfhosted Thread Parent
Previous
Next

Recently removed from /r/selfhosted

Form for technicians daily activity Trying to setup wallabag with docker but constantly getting stuck, any advice is appreciated Why we're leaving the cloud (Basecamp, Hey founder) Reliable, iOS capable shared photo organization solution? Suggestion for a software to collate all the stuff I own [Home Inventory?] Kasm Workspaces - Container Streaming Platform Replacement for Google Music Server to replace Google Photos What is good self hosted alternative for https://1ty.me/ ? SimpleHelp - SelfHosted Remote Tech Support - Alternative to TeamViewer, LogMeIn, ScreenConnect, etc

More Random Comments

Lessons… how often ? Daily Roundtable: Community Q&A Make my teen belly grow it is just beautiful to look at! it is just beautiful to look at! What was 343 thinking with these ludicrous bullet sponge bosses? What's your "I got caught" story? Regarding Star Wars Jedi: Survivor - "To be clear, Stig never claimed Coruscant was a “freely explorable open world.” He only confirmed it as one of the destinations in the game." Art Scam Alert - Trinity Insurance & Financial Consultaion A woman known as “Disco Sally” dances with her husband at Studio 54, 1978 Nintendo refused to let Mario Bros go woke! Poll: Can you tell that Bryan Kohberger is guilty of the 1122 King Road murders by looking at him? Help me decide the better way of investing. Sunday Support What’s a haunting story from your high school that was told years after it happened?