Banish Advertising From Your Whole Network with Pi-Hole

Pi-Hole_admin_interface
PDF24    Send article as PDF   

What is Pi-Hole?

Pi-Hole is a Linux network-level advertisement and internet tracker blocking application which acts as a DNS sinkhole (And optionally a DHCP server), intended for use on a private network. It is designed for use on embedded devices with network capability, such as the Raspberry Pi, but can be used on other machines running Linux and cloud implementations.
Pi-Hole has the ability to block traditional website adverts as well as adverts in unconventional places, such as smart TVs and mobile operating system adverts.

The Pi-hole project was created by Jacob Salmela as an “Open Source” alternative to the AdTrap.

The Pi-hole makes use of dnsmasq, cURL, Lighttpd, PHP and the AdminLTE Dashboard to block DNS requests for known tracking and advertising domains. The application serves as a DNS server for a private network (Replacing any pre-existing DNS server provided by another device or the ISP), with the ability to block advertisements and tracking domains for users’ devices. It obtains lists of advert and tracking domains from predefined sources (Which can be modified by the user) that the Pi-hole uses to compare DNS queries to. If a match is found within any of the lists, or the user blacklist, the Pi-hole will refuse to resolve the requested domain and respond to the requesting device with a blank webpage.

Because Pi-hole blocks domains at network level, it is able to block advertisements, such as banner adverts on a webpage, but it can also block adverts in unconventional positions, such as on Android, iOS and smart TVs.

The nature of Pi-hole allows it to also block website domains in general by manually blacklisting the domain name. Likewise, domains can be whitelisted manually should a website’s function be impaired by domains being blocked. Pi-hole can also function as a network monitoring tool, which can aid in troubleshooting DNS requests and faulty networking troubleshooting.

Most DNS servers work by translating a URL into an IP address. Pi-hole does that and more. It waits until your computer or device requests a URL for an ad, and then returns no address for that ad. That effectively stops ads from being displayed.

Pi-hole also supports advanced privacy settings which work hand-in-hand with a VPN to keep your browsing information secure.

Pre-Check:

Set up Raspbian Lite

I bought a Raspberry Pi model 3 B along with the official Raspberry Pi foundation Case. Then I bought a Samsung Evo+ 8GB microSD card, and did the following steps for a MacBook to setup the Pi’s OS:

  1. Download Raspbian Jessie Lite. Expand the downloaded Zip file.
  2. Insert the microSD card (in the SD adapter) into your SD card reader.
  3. Open Terminal, and run  diskutil list
  4. See which disk the microSD card is (e.g.  /dev/disk2), then unmount the card:  diskutil unmountDisk /dev/disk2).
  5. Change directories into the directory where you downloaded Raspbian Jessie Lite (e.g.  cd ~/Downloads).
  6. Run the following command to write the disk image to the microSD card:  sudo dd if=2017-03-02-raspbian-jessie-lite.img of=/dev/rdisk2 bs=1m
    • Use the filename for the image version you downloaded; it might be different than the  if shown above.
    • Note that the  of (output) is using  /dev/rdisk2—don’t use  /dev/disk2 because that will result in a much slower copy operation.
    • If you have pipeviewer installed, you can use  pv yyyy-mm-dd-raspbian-jessie.img | sudo dd of=/dev/rdisk2 bs=1m instead to show copy progress.
  7. After the copy is finished, you should see a new  boot SD card mounted on your computer.
  8. Create an ‘ssh’ file to tell Raspbian to enable SSH on boot (so you can log into the Pi remotely): in Terminal, run  touch /Volumes/boot/ssh
  9. Eject the boot volume, and put the microSD card into your Raspberry Pi.

Note: Don’t use WiFi for Pi Hole, because that would introduce a lot of latency for DNS calls. It’s better to plug your Pi (no matter what flavor) into the wired network so it doesn’t become a bottleneck for your Internet connection!

OK once you have set your Pi up and the WiFi is connecting to your home or office network, and your can  ssh into it, continue with these easy steps! If you cannot connect via  ssh yet, go back and read some of our guides until  you are able to log into your Pi.

Change Hostname

I like to do this first so I dont get confused between all the different Pi’s in the house

Edit the hostname with  sudo nano /etc/hostname and put something else on that first line, like  pi-hole.

Reboot and when you ssh in again, use  pi-hole.local.

Now’s also a good time to change the Pi’s password with  passwd.

Reboot the Raspberry Pi, use  sudo reboot.

Installing Pi-hole:

Pi-hole makes it as easy as possible to download and get running with a one-line script that starts up a menu-based installer. If you have any experience with Linux and networking, you won’t need too much help. Here’s how I installed Pi-hole, step by step.

The first thing you’ll need to do is open up a console window if you’re using a graphical version of Raspbian. If you haven’t installed a window manager, you can do this right from the command line.

Pi-hole uses curl to download the installation script, which is then executed by the bash shell. Here’s the command you need to type:  sudo curl -sSL https://install.pi-hole.net/ | bash

The installer will check to make sure you’ve got the proper privileges and confirm you have enough disk space.

Block mobile ads with Pi-hole - Installing Pi-hole

Then you’ll be asked to press Ok to begin the Pi-hole installation.

Setting up DNS on Pi-hole

The very first step of the installation process is setting up Pi-hole’s DNS passthrough.

Block mobile ads with Pi-hole - Installing Pi-hole

Pi-hole will handle all of the DNS requests to block mobile ads itself, but it passes the rest along to another DNS provider. Google and OpenDNS are both safe choices.

If you need advanced privacy features like DNSSEC and DNScrypt, Pi-hole recommends you select Google or Norton DNS servers.

Block mobile ads with Pi-hole - Installing Pi-hole

I chose to use Google’s DNS servers with this install and added in OpenDNS and custom servers as a backup in a later step.

If you’re using a VPN, you’ll need to select Custom and enter your VPN provider’s DNS servers. IPVanish users should set the custom DNS servers to 198.18.0.1 and 198.18.0.2. If you’re using a different VPN provider, you’ll need to search the web for their DNS servers or check your VPN configuration files.

Setting up your network

Once you’ve told Pi-hole where to send your DNS traffic, the next step is telling Pi-hole about your local network. You’ll need to set the gateway address, and assign Pi-hole a static IP.

Block mobile ads with Pi-hole - Installing Pi-hole

Pi-hole will block mobile ads over both IPv4 and IPv6 networks. Because I don’t use IPv6 on my LAN, and most people don’t either, I think it’s a good idea to uncheck IPv6 for now. Disabling IPv6 will slightly reduce Pi-hole’s memory footprint.

Block mobile ads with Pi-hole - Installing Pi-hole

Next you’ll be given the option of just making your assigned IP address static. There are a handful of reasons why you should click No and manually assign an address. The most important being that you don’t want to assign a static address from within the DHCP pool because it could lead to a conflict when your router tries to hand out the address again.

But before you move on, make a note of your Gateway IP address, you’ll need it soon.

Block mobile ads with Pi-hole - Installing Pi-hole

I like to set the IP address to x.x.x.2/24. In most cases this will be 192.168.1.2/24 or 10.0.0.2/24. Traditionally your gateway router is assigned x.x.x.1/24 and DNS servers are given an address very close to that.

You’ll also want to note of the Pi-hole IP address you’ve chosen. You’ll need it later.

Block mobile ads with Pi-hole - Installing Pi-hole

Now you’ll need to specify your router’s IP address, it’s the same one that Pi-hole showed you in a previous step. Type it in and click Ok.

You’ll be asked to confirm your static IP address. If everything looks right, click Yes.

Finishing the installation

The final portion of the installation is focused on enabling or disabling a few core services in Pi-hole.

Block mobile ads with Pi-hole - Installing Pi-hole

Make sure you install the web interface. You’ll need it to manage Pi-hole after it’s installed.

Block mobile ads with Pi-hole - Installing Pi-hole

I also enabled logging to make my graphs work properly. If you’re running a bunch of different servers on your Raspberry Pi, or if it’s an old model, you can shut off logging to free up a bit more memory.

You will want to disable logging if you’re using Pi-hole with a VPN in order to protect your privacy. Pi-hole keeps real-time logs of which sites it blocks, and which ones are allowed through, in order to generate usage graphs–and these logs aren’t encrypted.

Block mobile ads with Pi-hole - Installing Pi-hole

The installation will begin using the settings you chose. You can watch its progress in the console, but if you’re using a stock Raspbian build it will complete successfully.

Block mobile ads with Pi-hole - Installing Pi-hole

When Pi-hole is installed, you’ll see a short summary of the settings. Make a note of the administrator password that Pi-hole chose for you. You’ll need it to login and configure your server in the next step.

Before you click Ok to finish the installation, it’s a good idea to bookmark the link to Pi-hole’s web interface on your computer.

The Web interface password needs to be reset via the command line on your Pi-hole. This can be done locally or over SSH. You will use the  <em>pihole</em> command to do this:  pihole -a -p.

You will be prompted for the new password. If you enter an empty password, the password requirement will be removed from the web interface.

Configuring Pi-Hole:

Pi-hole will block mobile ads as soon as it’s installed, but I like to make a few changes on the web console to increase security and reliability. Start by opening the web interface and logging in. You’ll need to access it using the URL you were shown at the end of the installation. In my case, the web interface is at http://10.0.0.2/admin or http://pi-hole.local/admin but your network may be different.

Pi-Hole Admin Page

Once the Pi-hole web interface is open, click the Login link.

Block mobile ads with Pi-hole - Configuring Pi-hole

Enter the administrator password that was given to you at the end of the Pi-hole installation and click the Log in button.

Block mobile ads with Pi-hole - Configuring Pi-hole

Now you’re able to view the full web interface and make changes. Click the Settings link to get started configuring Pi-hole.

Block mobile ads with Pi-hole - Configuring Pi-hole

In order to provide some redundancy, add a few more upstream DNS servers. Since I used Google’s DNS servers during the installation, I like to check the OpenDNS boxes, and check one Custom box to add my router.

These servers will only be used if Google’s DNS servers are offline. Pi-hole fails over seamlessly to the backup servers, so you won’t experience downtime.

Remember to click the Save button when you’re finished making changes.

Whitelisting sites

If you have any sites that need to be whitelisted, so ads won’t be blocked when you visit, you should add them now. For instance, many users whitelist their online banking and email websites.

Block mobile ads with Pi-hole - Configuring Pi-hole

One of the reasons I prefer Pi-hole over uBlock Origin or Adblock Plus, aside from mobile device support, is the way that you can establish a single centralized whitelist.

When you’re finished, click the Save button at the bottom of the page to save your changes. It’s a good idea to restart your Raspberry Pi after making these changes to ensure that they’re active.

Updating the block list

Pi-hole keeps track of what ads to block by using lists of known ad servers. You can and should add to these lists, and you need to update them as part of a new Pi-hole installation.

You’ll need to connect to the Pi-hole web interface and log in with your password. Then open the Settings menu, and look for Pi-hole’s block lists. It will be collapsed by default, so click the plus to expand it.

Block mobile ads with Pi-hole - Configuring Pi-hole

Scroll to the bottom of the list and look for the text box at the bottom of the page. Copy and paste your new block list entries here.

I recommend Wally3k’s block lists as a start. Open the site in a separate tab, and you’ll see that you need to choose a list to add. Ticked lists is the most selective, and isn’t likely to interfere with your browsing. Using All lists will block the most ads, but you’ll need to whitelist websites like PayPal. Non-crossed lists is roughly in the middle.

Block mobile ads with Pi-hole - Configuring Pi-hole

Once you’ve decided which list to use, click the link.

Block mobile ads with Pi-hole - Configuring Pi-hole

Press Ctrl+A to highlight the entire document, then copy it.

Block mobile ads with Pi-hole - Configuring Pi-hole

Switch tabs and paste the entire list in Pi-hole.

Block mobile ads with Pi-hole - Configuring Pi-hole

Click the Save and update button when finished. Pi-hole will add the new lists and update itself.

Block mobile ads with Pi-hole - Configuring Pi-hole

You’ll be shown the console output of Pi-hole’s update process for easy troubleshooting.

Block mobile ads with Pi-hole - Configuring Pi-hole

When the update is finished, Pi-hole will display a message telling you that blocking has been enabled again. You can close the web interface if you’re finished.

Using the Pi-hole teleporter

If you’d rather not copy and paste list entries, you can import them using the teleporter. The Pi-hole teleporter will let you backup and restore your lists, or import a list you’ve downloaded.

Block mobile ads with Pi-hole - Configuring Pi-hole

Be sure to check the proper boxes before you begin the import process with teleporter. Blacklists, unless they’re otherwise indicated, are usually exact and not wildcard. Pi-hole will update the block lists automatically after an import.

Now that you’re using the latest lists, you’re ready to add clients to your Pi-hole server.

Using DHCP to Automatically Block Mobile Adverts:

The next step is to tell all the devices on your network to use your Pi-hole server. Your DNS server is assigned by your router at the same time it gives out IP addresses with DHCP. So editing your router’s DHCP settings will let you set Pi-hole as your DNS server, seamlessly enabling Pi-hole for your entire network.

If you don’t have any access at all to your router and cannot make changes that affect the entire network, skip to the next section for help setting up your devices individually.

Using Pi-hole with your router’s DHCP to block mobile ads

The easiest way to block mobile ads on your home network is to add your Pi-hole DNS server to your router’s DHCP settings. If you do, every device and computer on your network will be told to use Pi-hole by default, and you won’t have to make any changes at all to the individual machines.

Block mobile ads with Pi-hole - Using Pi-hole

Start by opening your router’s web interface in a browser, then find the DHCP settings. On my Linksys router, DHCP settings are in the Connectivity menu.

Block mobile ads with Pi-hole - Using Pi-hole

Once the menu is open, click the Local network tab.

Block mobile ads with Pi-hole - Using Pi-hole

Then set the primary DNS server to your Pi-hole’s IP address.

When you’ve finished setting up your router to block mobile ads, make sure to click Ok to apply the DHCP settings. You’ll need to disconnect each computer and mobile device from your wireless network, then reconnect it for the changes to propagate.

Using Pi-hole instead of your router’s DHCP to block mobile ads

A lot of routers, especially ones provided by your ISP, will only use the DNS servers that they are assigned. In that case, you should disable your router’s DHCP server and turn on the one built into Pi-hole.

Block mobile ads with Pi-hole - Using Pi-hole

Open your router’s web interface and find your DHCP server settings. On my router, they were in the Connectivity menu. Yours may be different.

Block mobile ads with Pi-hole - Using Pi-hole

I found the DHCP server settings in the Local network tab.

Block mobile ads with Pi-hole - Using Pi-hole

And unchecked the DHCP server box to disable DHCP on the router.

Be sure to save your settings, then close out of your router and log in to the Pi-hole web interface. All that’s left is to enable DHCP in Pi-hole.

Block mobile ads with Pi-hole - Using Pi-hole

In Pi-hole, click the Settings link and scroll down to the Pi-hole DHCP server menu. Check DHCP server enabled to turn on Pi-hole’s DHCP service, and double check that the IP address of your Router is correct. Click Save when you’ve finished.

Now Pi-hole is responsible for handing out IP addresses on your home network. It will tell your devices to use Pi-hole as their primary DNS server and automatically block mobile ads.

Manually Blocking Ads On Each Device:

If you can’t set up DHCP to use Pi-hole to block ads, you can still configure each device’s DNS settings individually. Here’s how to manually block ads on your computer and mobile devices with a Pi-hole DNS server.

Block ads in Windows

From the control panel, you’ll need to to open the Network and internet menu and select Network connections. This screen will show you all of the ways that your computer can connect to a network and let you make changes.

Block mobile ads with Pi-hole - Using Pi-hole

Find the connection you use, in my case Wi-fi, and right-click it. Select Properties from the menu.

Block mobile ads with Pi-hole - Using Pi-hole

Scroll through the connection properties until you find Internet protocol version 4 (TCP/IPv4) and highlight it, then click the Properties button.

Block mobile ads with Pi-hole - Using Pi-hole

Click the Use the following DNS server addresses radio button, and type in the IP address of your Raspberry Pi with Pi-hole as the Preferred DNS server. Click Ok when you’re finished.

Now Windows will use Pi-hole as its primary DNS server, and automatically block online ads.

Block mobile ads in iOS

In order to block mobile ads in iOS 11, you’ll need to change your device’s network settings. Open the Settings app and tap Wi-fi to open your device’s network settings.

Block mobile ads with Pi-hole - Using Pi-hole

Then tap the blue Information icon next to your wifi connection.

Block mobile ads with Pi-hole - Using Pi-hole

Change Configure DNS from Automatic to Manual so that you can set your primary DNS server to Pi-hole.

iOS will save the DNS settings from Automatic mode. You’ll need to remove the servers that are already there before you add Pi-hole to the list.

Block mobile ads with Pi-hole - Using Pi-hole

Click Add server and type in the IP address of your Raspberry Pi. You should also add a backup DNS server, so you can still visit websites when Pi-hole is offline. I recommend the IP address of your gateway router, which will use your ISP’s servers.

When you’re finished adding DNS servers, click the Save button. You may need to restart your web browser app to begin blocking ads with Pi-hole.

Block mobile ads in Android

If you use Android, you can manually add Pi-hole as your primary DNS server in order to block mobile ads. You’ll need to open up the Settings menu to get started.

Block mobile ads with Pi-hole - Using Pi-hole

From the settings menu, click Connections.

Block mobile ads with Pi-hole - Using Pi-hole

Tap and hold on your active network connection, then select Manage network settings from the menu.

Block mobile ads with Pi-hole - Using Pi-hole

Make sure Show advanced options is checked.

Block mobile ads with Pi-hole - Using Pi-hole

Then change the IP settings from DHCP to Static.

Block mobile ads with Pi-hole - Using Pi-hole

Set Pi-hole to be the primary DNS server and click Save, and Pi-hole will start blocking mobile ads on your Android device.

 

Previous Post

Controlling Mindstorms EV3 with a Raspberry Pi

Original Article: The MagPi, The Official Raspberry Pi Magazine LEGO Mindstorms is a great tool to gain experience in understanding robotics, but what if you wanted to make your own input sensor? ... Read more

Next Post
Xbox Controller

Connecting 'Xbox Controllers' to the Raspberry Pi

If you have ever tried to use an Xbox controller with the Raspberry Pi, you will find very quickly that they do not work correctly right out of the box. ... Read more

Short URL: http://tinyurl.com/ycnts3tn

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.



Do NOT follow this link or you will be banned from the site!