🔒 iOS Configuration Profiles

DNS-based protection profiles for certificate security and ad-blocking

⚠️

IMPORTANT: Keep OCSP Profile Active

Never remove the "NextDNS Anti-Revoke" profile! This protects your certificates from revocation. All other profiles can be safely added or removed.

🎯 ONE Profile Does It All

🔄

How to Toggle AdBlock Levels

After installing the profile:

Open Settings app
Go to General → VPN & Device Management → DNS
Tap the current config name
Select your preferred level:
- OCSP Only - No adblock (see all ads)
- OCSP + Adult AdBlock - Blocks adult ads only
- OCSP + Full AdBlock - Blocks ALL ads/trackers ⭐
Done! Takes 3 seconds to switch!

✨ No reinstall needed! Switch anytime between the 3 levels.

💡 How the Switchable Profile Works

This single profile contains 3 different DNS configs that you can toggle between in iOS Settings.

Level 1: OCSP Only (21 domains)

Level 2: + Adult Ads (61 domains)

Level 3: + All Ads/Trackers (121 domains) ⭐

Key fact: iOS can only use ONE DNS profile at a time. That's why this profile has all 3 levels built-in - you switch between them instead of installing separate profiles!

Profile Management

✅ To Activate/Deactivate

View: Settings → General → VPN & Device Management
Remove: Tap profile → Remove Profile
Reinstall: Safari → Profile URL → Install

Takes 30 seconds to switch!

🛒 For Cashkaro Shopping

Keep installed:

✅ OCSP Blocking
✅ Adult Ad-Blocker

DO NOT install:

❌ Maximum Privacy profiles

🧪 Testing Your Profiles

Test OCSP Blocking:

With VPN ON, visit http://ocsp.apple.com

Expected: ❌ Fails to load

Test Adult Ads:

Visit sxyprn.com or similar site

Expected: ✅ Site loads, no ads

Test VPN:

Visit https://whatismyip.com

Expected: Shows VPS IP

Note: All profiles are VPN-compatible and use DNS-over-HTTPS (DoH) for privacy. They work alongside your WireGuard VPN without conflicts.

📱 Portal