Comment by JohnMakin
1 month ago
couldn't they just hide their ad endpoints behind the proxy that serves their site? I can think of multiple ways to do this that aren't very difficult. I have had to implement something in my work to get past certain adblocking behavior that was going by domain
Sure, but now you've at least made them use a more expensive L7 proxy to do it, and you can decide to block malicious actors like that entirely (blocking the "good" domain).
nginx can do this pretty easily by just using proxy_pass directives, if I recall, it has been a while though
Yes, you can do it with an L7 proxy. You've been able to do that all along though, so I suppose there are reasons why surveillance networks prefer to not proxy through the websites that host their scripts. That has nothing to do with DoH to subvert network security monitors though.