IT Services in Kazakhstan, DNS, Pi-hole, ProxMox Container, Cyber Security

How to setup Pi-Hole to block trackers and ads

Pi-hole is an open-source Linux based network-level advertisement and Internet tracker blocking application which acts as a private DNS. (Optionally a DHCP server) It is designed for low-power embedded devices with network capability, such as the Raspberry Pi. But it can be installed on almost any Linux machine.

We are able to block advertisements & tracking domains for desktops, mobile devices, or any other smart devices which are staying behind Pi-hole. As for functions, it’s quite similar to a network firewall.

Pi-hole is useful at home network to block ads and trackers to protect yourself. Meanwhile you can use Pi-hole to block any sites or apps that shouldn’t be showing up on the devices of your family members, especially for kids.

In this example, we are going to install Pi-hole on LXC container on ProxMox, as it’s lightweight, takes up less disk space, CPU and memory.

  • Choose storage on the ProxMox, find CT templates, click Templates
  • On Search bar type Ubuntu, and choose version 22.04 standard to downalod. As soon as CT template is ready, click Create CT on ProxMox.

Here is the basic settings for Pi-hole container:

  • General: type host name as you want, and set password for root user, click next
  • Template: select the one we have downloaded, eg ubuntu-22.04-standard_22.04-1_amd64.tar.zst
  • Disk: type disk size, eg, I use 4 GB
  • CPU: select the core numbers, normally pi-hole consumes low computing resource, it means 1 core should be enough.
  • Memory: 512 MB
  • Network: Pi-hole needs fixed IP address, we have to set the IP manually, eg 10.10.100.110/24, then type your network gateway.
  • DNS: leave them as default, we will change this after Pi-hole up and running, in that case DNS server will be 10.10.100.110 (as we set previously).
  • Confirm and start the container.

It’s highly recommended to update the container. Also curl needs to be installed:

apt update 
apt upgrade
apt install curl

Install Pi-hole

curl -sSL https://install.pi-hole.net | bash

Please select default options to continue. Regarding upstream DNS, feel free to choose the one that you normally use, I use Cloudflare. At last, it will show you the control panel with password.

Use web browser to access http://10.10.100.110/admin.

In order to block ads and tracking, we need to update the adlists, by default there is only 1 adlists.

Firebog (https://firebog.net/) is the most popular site that regularly updates the blacklist. You can copy the lists (eg lists in green and blue, or please check reading points for more on Firebog) and add them to new adlist on the Pi-hole. it’s possible to copy more lists and add them in single adlist on Pi-hole, shown below.

After you finish the adding lists, go to Tools, Update Gravity, and click update, wait for a few seconds before it is marked as Success. Otherwise adlists that we have added above won’t take effect on Pi-hole.

As you can see, I have more than 5.7 million blocked domains on my list, and the block rate is up to 36.5%!

Last thing is to set the IP address (in our example 10.10.100.110) of your Pi-hole as your local DNS server, normally you can add this on your local DHCP server.

Note: in some cases, web sites you need might be blocked out by adlists, in this case you can unblock them by adding them to whitelist: Go to Query Log, Show All, and search the domain (eg windows.com), add them to whitelist if blocked.

Leave a Reply

Э-пошта мекенжайыңыз жарияланбайды. Міндетті өрістер * таңбаланған