New Update uBlock Origin/Nano Adblocker - User Tips, Questions and Issues Thread

F

ForgottenSeer 92963

I like less is more security and I sort of kept my baseline security the same the last two years (Boot driver policy = good only, Code Integrity Guard enabled for Office16 and Edge, Configure Defender on Max and recently changed Simple Windows Hardening from Standard to High).

I am using uBlockOrigin only for stuff Next DNS (blocking cloaked cname trackers) and Edge tracking protecting (on Strict) can' t block. So I have at the moment 92 rules in My Filters and have only enabled Adguard URL Tracking protection (less than 500 rules total :) ).

I am using advanced mode with the following rules.
no-scripting: * true
no-scripting: com false
no-scripting: net false
no-scripting: nl false
no-scripting: org false
no-scripting: ziggogo.tv false
* * 3p-frame block
* youtube.com 3p noop

I am still blocking 3p-frame because Google has delayed the planned limitation to interact with the user by third-party iframes (link). As far as I know the mid august withdrawal of this security improvement has been postponed (at least until december 15 this year).

Allowing only javascript on a few high level domains hardly gives me problems. When uBO blocks scripts the background changes from blue to purple, so I know what is the problem (with one click on </> icon scripts can be allowed for a website).

When you want to get notified that your surfing to a website which is not on the list of TopLevelDomains you allowed javascript for, you can add one rule to your My Filters section: ||*$document,domain=~com|~nl|~net|~org (explanation: ~ means "not" and | means "pipe", so block website loading except on com, nl, net and org)

1635349325840.png
 
Last edited by a moderator:

Jan Willy

Level 13
Verified
Top Poster
Well-known
Jul 5, 2019
607
I like less is more security and I sort of kept my baseline security the same the last two years (Boot driver policy = good only, Code Integrity Guard enabled for Office16 and Edge, Configure Defender on Max and recently changed Simple Windows Hardening from Standard to High).

I am using uBlockOrigin only for stuff Next DNS (blocking cloaked cname trackers) and Edge tracking protecting (on Strict) can' t block. So I have at the moment 92 rules in My Filters and have only enabled Adguard URL Tracking protection (less than 500 rules total :) ).

I am using advanced mode with the following rules.
no-scripting: * true
no-scripting: com false
no-scripting: net false
no-scripting: nl false
no-scripting: org false
no-scripting: ziggogo.tv false
* * 3p-frame block
* youtube.com 3p noop

I am still blocking 3p-frame because Google has delayed the planned limitation to interact with the user by third-party iframes (link). As far as I know the mid august withdrawal of this security improvement has been postponed (at least until december 15 this year).

Allowing only javascript on a few high level domains hardly gives me problems. When uBO blocks scripts the background changes from blue to purple, so I know what is the problem (with one click on </> icon scripts can be allowed for a website).

When you want to get notified that your surfing to a website which is not on the list of TopLevelDomains you allowed javascript for, you can add one rule to your My Filters section: ||*$document,domain=~com|~nl|~net|~org (explanation: ~ means "not" and | means "pipe", so block website loading except on com, nl, net and org)

Great respect for your work, but why do you believe that the security NextDNS offers (edit: regarding malicious sites), is not enough?
 
Last edited:
  • Like
Reactions: Nevi and oldschool
F

ForgottenSeer 92963

@Jan Willy

I am using all Next DNS malware protections and added blocking all non-latin character domains, so I think next DNS offers good services (for free).

Using first party script blocking is just an additional measure which blocks websites I normally don't visit anyway.

But you are raising a good point for discussion: with all improvements in Chromium based browsers, do people still need to block (third-party)scripts and iframes? Do No-Script and uBO medium mode add a lot more hassle for little real world security benefits?

That is why I mentioned the security measures Google withdraw for iframes. To be honest I have not made up my mind on that.

So opinions of members regarding the practical protection of uBO medium mode for Chromium browsers (not Firefox) are welcome.
 
Last edited by a moderator:
Jun 21, 2020
363
I think it's still relevant to a point. Most websites don't adapt as fast to a new programming or have (or had) a need for certain types of scripts and iframes for a specific purpose. I have come a cross quite a few websites that, despite their viewer count, still adopt old (obsolete?) iframes and 3p-scripts instead of fully integrating HTML5 for example. Lots of services, companies and their corresponding websites are guilty of this to a point.

Lack of adapting the websites in favour of removing third-party scripts and frames, while still having a reasonably higher viewer count. On one hand I can agree. Why fix it, if it isn't broken, right? But on the other hand, lack of adaptation of new programming can mean that you may be running a third-party script or service that you otherwise could have run on a first-party basis without additional spending.
 

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,706
But you are raising a good point for discussion: with all improvements in Chromium based browsers, do people still need to block (third-party)scripts and iframes? Do No-Script and uBO medium mode add a lot more hassle for little real world security benefits?
I think it's still relevant to a point. Most websites don't adapt as fast to a new programming or have (or had) a need for certain types of scripts and iframes for a specific purpose. I have come a cross quite a few websites that, despite their viewer count, still adopt old (obsolete?) iframes and 3p-scripts instead of fully integrating HTML5 for example. Lots of services, companies and their corresponding websites are guilty of this to a point.
I've been using Hard mode and like that I can click on search results freely, knowing I have the protection of µBO's firewall. Obviously this isn't convenient for most users, most of whom never change any default settings or filter lists. OTOH there is something attractive about a completely set-and-forget setup, much like running only an AV with the same convenience. Will the average number of mouse clicks change with this setup? Hmmm, I'm not so certain.

I'm waiting to see what changes developers make to meet the demands of Manifest V3 and what that landscape looks like, but I toy with the idea of going extension-free and using only built-in capabilities before then. 🤔🤔🤓
 
F

ForgottenSeer 92963

I toy with the idea of going extension-free and using only built-in capabilities before then. 🤔🤔🤓
I tried but the in-video ads on news websites and youtube are so annoying. Also without uBO/AG using AdGuard's remove URL parameter filter, there is no defense against this much used tracking mechanism. My less than 500 rules are from the remove URL-param filter and some 120 rules I either made myself or copied from AG/Ubo filters.

OLDSCHOOL said:
I've been using Hard mode and like that I can click on search results freely, knowing I have the protection of µBO's firewall.
It really is a pity it is not possible to exclude CSS stylesheets in hard mode.
 
Last edited by a moderator:

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
That is smart, but the allow option in dynamic filtering is gone in the ui. Allow can only be manually set in my rules. Is there an hidden option to get allow back?
Kees, Ctrl is tour new friend:
 
F

ForgottenSeer 92963

@Gandalf_The_Grey @Jan Willy @oldschool

My grandfather had 8mm films of Laurel & Hardy when I was little and my parents did not have a TV. I remember some phrases of them "Now look what you have done. What I fine mess you have brought me in". I created a second profile (red) in Edge with scripts disabled and hard mode blcoking with ccs, image and media allow.

1635454390072.png


... shame on you

:) thanks for the tips
 

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,706
@Gandalf_The_Grey @Jan Willy @oldschool

... I remember some phrases of them "Now look what you have done. What I fine mess you have brought me in". I created a second profile (red) in Edge with scripts disabled and hard mode blcoking with ccs, image and media allow.

... shame on you

:) thanks for the tips
Ha-ha! :LOL: I was able to learn Latin from stern yet kind Mr. Kosky with the wild eyebrows and long nose hairs in high school, but rule-writing is like Greek or Farsi to me so a couple of clicks in Medium/Hard mode is easier.

That said, I'd appreciate it if you posted your rules and static filters used in both of your profiles to further my adult education. All truly great artists agree, plagiarism is the most sincere form of flattery. ;)
 
Last edited:
F

ForgottenSeer 92963

@oldschool

The element picker of uBO can find class and style elements to hide. AdGuard's "block ads on this website" can even block by file reference. You only need to fiddle with the slider to select everything you want to block. Some times the add disapperas but a white placeholder keeps the space coccupied, than you have to repeat the procedure to hide the whitespace placeholder. Only when you see random numbers and letters the add is generated and varies every time you visit the website. For these type of ads to hide you need HTML and CSS knowledge to hide them. The documentation in uBO, AG and ABP refer for these advanced features to the W3C standards (e.g. CSS selectors).

Also ad-publishing is a moving target, every time publishers use new ways (e.g. inserting blob's or binary large objects) to prevent ads from being blocked by ad-blockers. So the per-website-rules I have may change in a week or in a month.

EDIT: @oldschool I added my easy and hard mode uBo configs, save your settings before import any of these. In the My Files I have explained the settings of Edge and what to change in My Rules when you would like to try easy mode
 

Attachments

  • Kees1958_ublock_easy_mode.txt
    3 KB · Views: 297
  • Kees1958-ublock-hard_mode.txt
    3.2 KB · Views: 268
Last edited by a moderator:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top