New Update AdGuard DNS v2.18: A new tool for Parental control

[rashmi]

AdGuard DNS v2.18, brings a significant improvement to Parental control. Previously, it could block specific domains or individual content types, but larger groups of services were harder to manage. In this update, we’ve introduced category-based service blocking — a new, more convenient way to control access to predefined groups.

AdGuard DNS v2.18: A new tool for Parental control

AdGuard DNS v2.18, brings a significant improvement to Parental control. In this update, we’ve introduced category-based service blocking — a new, more convenient way to control access to predefined groups.

adguard-dns.io

 

[Bot]

AdGuard DNS v2.18, brings a significant improvement to Parental control. Previously, it could block specific domains or individual content types, but larger groups of services were harder to manage. In this update, we’ve introduced category-based service blocking — a new, more convenient way to control access to predefined groups.

AdGuard DNS v2.18: A new tool for Parental control

AdGuard DNS v2.18, brings a significant improvement to Parental control. In this update, we’ve introduced category-based service blocking — a new, more convenient way to control access to predefined groups.

adguard-dns.io

Nice find, thanks for sharing!

Category-based service blocking is actually a pretty meaningful upgrade for AdGuard DNS’ parental control:

• Before: You had to block specific domains (e.g. individual social networks, streaming sites, etc.) or certain content types. That’s flexible, but time‑consuming and easy to miss things.
• Now: You can block entire categories of services (for example, social media, adult content, games, etc., depending on how AdGuard groups them). This is much easier for non‑technical users to manage and maintain.
• Management: It should make it simpler to tweak rules over time — you can disable/enable a whole category instead of hunting down individual domains.

For people using AdGuard DNS as a “set and forget” solution for kids’ devices, this kind of category‑based blocking is usually much more practical than building a big manual blacklist.

If you try it out, it might be interesting to see:

• How granular the categories are (broad vs very specific)
• Whether there are many false positives/negatives
• How easy it is to override a single service inside a blocked category

Overall, this looks like a solid quality‑of‑life improvement for AdGuard DNS users relying on parental control.

 

[rashmi]

How granular the categories are (broad vs very specific)

The new category blocking is effective. I noticed an unexpected false positive; it blocked the Windows SmartScreen service, incorrectly classifying it as chat/forums. The video category also blocks some news and other websites with videos, not just streaming and pirated content. Unblocking websites is simple but not user-friendly. Unlike NextDNS, I had to allow three YouTube URLs to make it work. The allowed list details suggest it allows domains and subdomains, similar to NextDNS.

 

[Bot]

The new category blocking is effective. I noticed an unexpected false positive; it blocked the Windows SmartScreen service, incorrectly classifying it as chat/forums. The video category also blocks some news and other websites with videos, not just streaming and pirated content. Unblocking websites is simple but not user-friendly. Unlike NextDNS, I had to allow three YouTube URLs to make it work. The allowed list details suggest it allows domains and subdomains, similar to NextDNS.

Your observations are very useful, especially for anyone considering AdGuard DNS parental controls.

SmartScreen being blocked
Blocking Windows SmartScreen is quite concerning from a security standpoint:

• SmartScreen is part of Windows’ built‑in protection (reputation checks for downloads, sites, and apps).
• If AdGuard DNS is misclassifying it as chat/forums, that’s a definite false positive and worth reporting to AdGuard so they can fix the category mapping.
• Until then, explicitly allowlisting the SmartScreen domains is important to avoid weakening Windows’ native protection.

If you’re willing, sharing the exact hostname(s) that got blocked (from AdGuard DNS logs) could help other users do the same allowlisting.

Video category being too broad
What you’re seeing (news sites and regular sites with embedded video getting blocked) is pretty typical of DNS‑level “video/streaming” categories:

• A lot of sites host video on the same domains/CDNs as their main content.
• DNS filters can’t easily distinguish “YouTube as homework help” from “YouTube as entertainment” – it’s all the same domain set.
• So it often turns into “block more than you intend and then manually allow exceptions”, which is exactly what you’re experiencing.

This is one area where AdGuard (and others) could really benefit from more granular sub‑categories or clearer descriptions of what’s included.

Allowing specific sites & YouTube differences vs NextDNS
Your comparison with NextDNS is interesting:

• If AdGuard required you to allow three separate YouTube‑related domains, it likely means their “service group” for YouTube is less consolidated than NextDNS’s.
• NextDNS has spent a lot of time on service grouping (YouTube, Netflix, etc.), so allowing/blocking “YouTube” often just works with a single toggle.
• AdGuard’s “allows domains and subdomains” note means it behaves similarly at the DNS level, but their service mapping may still be less mature.

This is not “wrong” technically, but it’s definitely less user‑friendly for non‑technical users who don’t want to chase multiple hostnames.

Usability: simple but not user‑friendly
You’ve hit the key problem with many DNS parental control solutions:

• The logic is simple: block category → allowlist what breaks.
• But the UX isn’t: you have to understand which domains to allow and why (SmartScreen, YouTube’s support domains, CDNs, etc.).
• Compared to NextDNS, AdGuard DNS clearly has some catching up to do on “service‑level” abstraction and better labeling.

Practical suggestions you might consider
If you keep testing AdGuard DNS:

• Report misclassifications (like SmartScreen) to AdGuard – they do adjust categories over time.
• Log review: Use the query log heavily to see what’s being blocked when something breaks, then allowlist only what’s necessary.
• Be careful with broad categories like “Video” if you need news / learning sites – you might be better off:
  • Not using that category at all, and
  • Blocking only specific services (e.g. YouTube, TikTok, etc.) plus enabling SafeSearch/Restricted Mode where possible.
• Combine with OS/app‑level controls for kids instead of relying only on DNS categories (Windows Family Safety, browser profiles, etc.).

Your feedback (false positives + UX friction vs NextDNS) is exactly the kind of thing that will help others decide whether AdGuard DNS is “ready” for parental control as their main solution or better as a supplement.

 

[rashmi]

What you’re seeing (news sites and regular sites with embedded video getting blocked) is pretty typical of DNS‑level “video/streaming” categories:

NextDNS's "Video/Streaming" category works well, but it allows many streaming and pirated networks. Cloudflare Gateway DNS also blocks some regular sites with videos, but it has a large "Applications" category, which allows the selected applications and related websites.

If AdGuard required you to allow three separate YouTube‑related domains, it likely means their “service group” for YouTube is less consolidated than NextDNS’s.

AdGuard has a "Services" section that covers YouTube. I tested category blocking and disabled other protections, but AdGuard still blocked YouTube videos and images. If I remember well, Cloudflare's "Applications" category allows the selected app, its website, and related things. I guess NextDNS "Services" works the same as Cloudflare.

 

[Bot]

NextDNS's "Video/Streaming" category works well, but it allows many streaming and pirated networks. Cloudflare Gateway DNS also blocks some regular sites with videos, but it has a large "Applications" category, which allows the selected applications and related websites.

What you’re describing is a good example of how different DNS services “tune” their categories very differently.

NextDNS: tuned for usability, but looser on piracy
Your experience matches what many users report:

• Pros: Video/Streaming is relatively well‑balanced – fewer false positives on normal sites with embedded video.
• Cons: Because it’s tuned not to break too much, a lot of streaming/piracy platforms still slip through unless you:
  • Use additional blocklists (e.g. piracy‑focused lists), or
  • Block specific services/domains manually.

So it “feels” smoother day‑to‑day, but it’s not a strict parental‑control filter out of the box.

Cloudflare Gateway: stricter, with app‑centric control
Cloudflare Gateway is more enterprise‑oriented, and that shows:

• Stricter categories: More regular sites with video content get blocked, similar to what you saw with AdGuard’s video category.
• Applications catalog: The big advantage is the Applications / SaaS catalog:
  • You can allow a whole app (e.g. YouTube, Discord, Teams) as a unit.
  • That usually includes the main domain plus related subdomains and support sites.
  • It’s closer to how NextDNS handles “Services”, but Cloudflare’s catalog is broader and aimed at policy management.

This model is more “policy‑driven”:

• Block broad categories (e.g. streaming, social media)
• Then explicitly allow only the apps you want kids or users to have.

Where this leaves AdGuard DNS (for now)
Based on what you’ve shared so far:

• AdGuard’s new category blocking is powerful, but still a bit rough (false positives like SmartScreen, broad video blocking).
• NextDNS feels more polished for home/parental control in terms of presets and service mapping.
• Cloudflare Gateway is strong if you like the “applications allowlist” model and don’t mind a slightly more technical/enterprise UI.

Practical approach you might consider
Depending on your goal:

• For kids/parental control:
  • NextDNS with:
    • Video/Streaming enabled
    • Extra blocklists (piracy, adult, etc.)
    • Manual blocks for specific services you don’t want
  • Or Cloudflare Gateway with:
    • Stricter categories on, and
    • Only specific “Applications” explicitly allowed.
• For general home use with fewer breakages:
  • NextDNS tends to be the least frustrating day‑to‑day.

Your comparisons are very helpful — if you test more (e.g. how each handles specific services like Twitch, Telegram, IPTV sites), sharing those details would give a clearer picture of which DNS is best for what kind of user.

AdGuard has a "Services" section that covers YouTube. I tested category blocking and disabled other protections, but AdGuard still blocked YouTube videos and images. If I remember well, Cloudflare's "Applications" category allows the selected app, its website, and related things. I guess NextDNS "Services" works the same as Cloudflare.

What you’re seeing with AdGuard DNS fits with how their new system might be wired internally – and why it feels less “app‑aware” than NextDNS or Cloudflare right now.

Why AdGuard “Services: YouTube” doesn’t fully unblock YouTube
From your test (only category blocking enabled, other protections off, “YouTube” service allowed but videos/images still blocked), a few things are very likely:

• Category rules seem to override or bypass the Service rule for some YouTube‑related domains (e.g. ytimg.com, googlevideo.com, ggpht.com, etc.).
• Alternatively, the YouTube service definition is incomplete – i.e. the “YouTube” object doesn’t contain all the CDNs / media hosts needed for video and thumbnails.
• Either way, it means AdGuard’s Services abstraction isn’t yet behaving as a clean “allow this app and everything it needs” layer.

Without their internal docs or code, it’s impossible to say which is correct, but your test strongly suggests:

• Category blocking is still fairly domain‑pattern driven, and
• The “YouTube” service toggle is not fully overriding those patterns.

Cloudflare Applications vs NextDNS Services vs AdGuard Services

From user reports and documentation:

• Cloudflare Gateway – Applications
  • “YouTube” as an Application usually includes:
    • The main site (youtube.com)
    • Media/thumbnail hosts
    • Related Google infrastructure
  • Policy is often: Application allow → implicitly allow the associated domains, even when broad categories are blocked.
• NextDNS – Services
  • Very similar model to Cloudflare’s:
    • “YouTube” as a single object/service.
    • Allow/block it and NextDNS handles most of the underlying hostnames for you.
  • In practice this feels more consistent than what you’re seeing with AdGuard.
• AdGuard DNS – Services (current behavior you observed)
  • Has a “YouTube” service, but:
    • Category blocking can still break video/images.
    • You needed multiple manual allows to fix it earlier.
  • So right now, it behaves more like:
    • “Services” = helpful presets, but
    • Not a full “application object” that always overrides categories.

How you can work around this with AdGuard DNS

Until AdGuard refines this:

• Option 1 – Don’t use the broad video category if you want YouTube to “just work”.
  • Disable the Video/Streaming‑type category.
  • Rely on:
    • Services toggles (YouTube, Netflix, etc.)
    • Plus a piracy/adult blocklist if needed.
• Option 2 – Keep the category, but manually allow key domains
  • Use the query log to see exactly what’s blocked when YouTube breaks.
  • Allowlist those specific domains (e.g. ytimg.com, googlevideo.com, etc.).
  • This is basically what you already had to do – just more systematic.
• Option 3 – Report it to AdGuard
  • Provide:
    • Your profile type (AdGuard DNS, not Home)
    • Enabled categories
    • “YouTube” service status
    • Sample blocked domains + their category as shown in logs.
  • This looks like either:
    • A bug in precedence (Service allow should override category block), or
    • An incomplete YouTube service definition.

Bottom line
Your guess is fair: Cloudflare “Applications” and NextDNS “Services” behave more like full app objects, while AdGuard’s current implementation feels more like “labels on domains” that don’t always override category logic correctly.

For now, if you want the cleanest “toggle YouTube on/off as a whole app”, NextDNS or Cloudflare Gateway are still ahead, and AdGuard DNS’ new categories are promising but not yet as polished in that aspect.