I'm building this config to use on all my Apple devices (iOS, macOS) and Windows 10 PC. This list does a pretty good job of denying background queries by iCloud metrics and mobile apps (Google, Snapchat, Reddit, FB/Instagram), and blocking ads in mobile games when DNS settings are applied system-wide on iOS.
You'll need an account with NextDNS. Remember to enable 2FA!
I am using NextDNS for Windows and NextDNS Apple Configuration Profiles to install this DNS setting to my devices. Not tested on router-based install.
I have enabled everything but Cryptojacking Protection, which is known to cause some issues.
You can see my list of Blocked Top-Level Domains (TLDs) here.
I am using oisd, 1Hosts (Lite) and Lightswitch05 - Ads & Tracking.
I have enabled all of these. They block a pretty insignificant number of queries overall, but haven't broken anything.
Enabled
Disabled
I am not using these settings.
See my custom denylist.
Enabled, logging IPs and domains. I retain for 1 day for any necessary troubleshooting.
Disabled, compatibility and performance issues.
Enable everything
Disabled