Why Blocklist Choice Matters

A DNS blocker is only as good as the lists it uses. Add too few domains and ads slip through. Add too many and legitimate sites break unexpectedly — a phenomenon known as false positives. Choosing the right combination of blocklists is the difference between a smooth, ad-free experience and constant troubleshooting.

This guide covers the most reliable, actively maintained DNS blocklists and how to combine them effectively.

What Makes a Good Blocklist?

  • Regular updates: Ad networks change domains frequently. A list updated daily beats one updated monthly.
  • Low false positive rate: A good list blocks ads, not legitimate services.
  • Clear scope: The best lists are focused — ads, trackers, malware, or social — not a jumble of everything.
  • Active maintenance: Check the list's GitHub repository for recent commits and an active issue tracker where false positives are addressed.

Top DNS Blocklists

1. OISD (Big) — Best All-Rounder

The OISD Big list is widely regarded as the best single blocklist for home use. It blocks ads, trackers, malware, and phishing domains while maintaining an exceptionally low false positive rate. The maintainer actively reviews and removes false positives reported by users.

  • URL: https://big.oisd.nl
  • Format: Hosts, AdGuard, RPZ, and more
  • Updated: Several times daily

2. AdGuard DNS Filter — Best for AdGuard Home Users

AdGuard's own DNS filter is optimized for use with AdGuard Home. It covers major ad networks, trackers, and analytics services and is updated constantly by the AdGuard team.

  • Built into AdGuard Home's default filter list selection
  • Updated multiple times daily

3. Steven Black Hosts — Reliable and Established

This is an aggregated, unified hosts file merging several well-known sources (adaway.org, MVPs, yoyo.org, and others). Available in multiple "flavors" — base (ads only), plus social, plus fakenews, and more. Great for customizing what categories you want blocked.

  • URL: https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

4. HaGeZi — Multi-Purpose Lists

HaGeZi maintains a comprehensive suite of lists including a Pro++ list that combines ads, tracking, phishing, and coin mining. The lists come in multiple sizes (Light, Normal, Pro, Pro++) so you can balance coverage with false positive risk.

  • URL: https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/pro.plus.txt

5. Disconnect.me Tracking Protection

Used internally by Firefox's Enhanced Tracking Protection, Disconnect.me's lists are well-curated and focused specifically on trackers. A good supplementary list to add alongside a broader blocker.

6. URLhaus (Malware) — Security Focus

Maintained by abuse.ch, URLhaus tracks URLs used for malware distribution. Adding this list means your DNS server will block requests to known malware-hosting domains — useful protection even if you don't care about ads.

  • URL: https://urlhaus-filter.pages.dev/urlhaus-filter-hosts.txt

Recommended Starter Combination

For most home users, this combination gives excellent coverage with minimal false positives:

  1. OISD Big — primary catch-all
  2. AdGuard DNS Filter — ads and trackers
  3. URLhaus — malware protection

Start lean. Add more lists only if specific ad types are getting through, and always check your query log when a site stops working — a blocklist may be the culprit.

Managing False Positives

No blocklist is perfect. When a legitimate site breaks, use your DNS filter's dashboard to:

  1. Check the query log for blocked domains from that site
  2. Add the domain to your whitelist (allowlist)
  3. Report the false positive to the blocklist maintainer on GitHub

Keep Lists Updated

Both Pi-hole and AdGuard Home can automatically update blocklists on a schedule. Set it to update at least every 24 hours — the ad tech landscape evolves quickly, and stale lists miss new domains.