modDNS beta - audited DNS filtering with granular controls

In short

modDNS is now available in beta for select IVPN customers. This standalone DNS service developed by the IVPN team blocks ads, trackers, and malicious domains at the DNS level with granular filtering controls.

Starting today, IVPN Pro customers with at least one year remaining on their accounts can access modDNS beta at no additional cost. Check your account dashboard for the modDNS tab to get started.

Why modDNS

DNS queries reveal browsing behavior to ISPs and help third-party tracking networks to build profiles of your activity. IVPN’s built-in AntiTracker addresses this issue by filtering common tracking domains using pre-defined blocklist combinations. modDNS extends this protection with configurable blocklists, custom rules, and optional query logging.

You can set up modDNS system-wide on any operating system, within IVPN apps, or directly in browsers. The service supports DNS-over-HTTPS (DoH), DNS-over-TLS (DoT), and DNS-over-QUIC (DoQ) for encrypted DNS traffic.

modDNS features

modDNS provides control over DNS filtering through several features:

Blocklists > Choose from curated combinations or add community-compiled lists such as Hagezi, OISD, AdGuard, StevenBlack, etc. Enable or disable lists based on preferred balance between protection and potential breakage.

Custom Rules > Add specific domains to your Allowlist or Denylist. Allowlist entries override active blocklists for better control over what you want to access. Denylist entries block domains not covered by existing lists.

DNS Profiles > Create multiple configurations for different use cases. Each profile has a unique identifier for device setup, allowing different blocking rules for separate devices.

Query Logging > Optional logging (disabled by default) with configurable retention periods. Device identifiers can be appended to logs for better visibility and troubleshooting options.

Open-source and audited

The entire modDNS codebase is available on GitHub for verification.

Further, an independent security audit by Cure53 was completed in 2025 before beta launch.

The audit identified three findings: one medium-severity vulnerability related to TOTP backup code generation, one low-severity rate-limiting issue on 2FA verification, and one info level finding about password complexity checks during updates. All issues were addressed before release.

No high or critical severity vulnerabilities were discovered during the six-day assessment by four senior testers.

From the audit report:

“The tested scope was found to demonstrate a solid security foundation, with only minor weaknesses being identified across the entire application stack during this assignment. The development team has implemented effective security practices in order to avoid conventional web application vulnerabilities, with most attack vectors being successfully defended against through good design and implementation choices."

What is coming

Several improvements are planned as modDNS moves toward full release. The exact order will depend on beta feedback and technical considerations, but here’s what we’re working on:

• Expanding server coverage to improve DNS resolution speed outside of North America and Europe

• Ongoing network routing and performance optimizations

• Blocking specific services (Facebook, Amazon, Google, etc.)

• Blocking specific categories (adult, gambling, etc.)

• Statistics page

• ipv6 support

Beta disclaimer

modDNS is in active development. You may encounter occasional downtime or unexpected changes as we improve the service. Do not rely on modDNS for critical workflows until full release.

Getting started

Visit your IVPN My Account page and look for the modDNS tab. IVPN Pro customers with at least one year remaining on their accounts can sign up for the service via a unique registration link.

After registration, modDNS-related identifiers are removed from IVPN systems to prevent association between accounts. modDNS will remain free for beta participants after launch as long as they maintain an active IVPN subscription.

Feedback

Send your feedback about the service to moddns@ivpn.net, or open an issue on GitHub. We are particularly interested in blocklists tests, performance feedback, and feature requests that would improve your DNS filtering workflow.

Thank you for testing modDNS with us!

IVPN Staff

Featured posts

Related posts

Releases

V2Ray Obfuscation Now Available on All IVPN Platforms

Posted on November 28, 2025 by Viktor Vecsei

With the recent release of V2Ray support for Android, IVPN now offers this method of obfuscation across all supported platforms: Windows, macOS, Linux, iOS, and Android. This completes our commitment to supporting customers in countries with restrictive internet policies, or who connect from networks that block VPN traffic.

Releases

Mailx beta launch - Audited, open-source email aliasing service

Posted on July 14, 2025 by Juraj Hilje Viktor Vecsei

In short Today we are launching Mailx, an email aliasing and forwarding service built and operated by the IVPN Team. Mailx is in closed beta, first available free to IVPN Pro customers with at least one year of remaining time on their account, with new invite rounds to follow.