Recently saw a post regarding pi-hole, and I am considering to try it out. I am wondering if it would fit my usecase, so I want to ask about specifically what it solves.
I heard pi-hole blocks ads at DNS resolution level, so it does not block e.g. youtube ads. For me and my family who mostly watch youtube with handful of blog surfing, what value would it bring? Most blogs do not seem to contain much ads, so I am not sure ad-blocking helps much there.
Given the praise pi-hole is getting, I guess there are more to it than limited blocking of ads. I would love to learn more about this topic, as I am blind on the networking stuff. Thanks in advance!
You must log in or register to comment.
For example some mobile games that have in-app ads are blocked.
Was surprised how much is blocked once I opened the app outside of my home network.As other mentioned, an advantage is that it blocks ads on phone apps too. My other use case is to add extra DNS entries to name devices on my local network. Finally, after using pihole for a while I switched to blocky. It has similar features but it lacks the UI and the dchp server, but in exchange it uses much less resources. Since I didn’t use either of these it sounded a good trade to me
I get a lot of ads everywhere. And trackers. On most of the news sites, social media platforms, my email provider, .places where I look up information, … The majority of the internet is commercial and financed through advertisements. With few exceptions, like personal/indie blogs and places like this one. I mean if you read just blogs and Wikipedia, you might already be alright. But that’s not how 99% of people use the internet.
Yeah, Youtube ads won’t be blocked by a DNS blocker. You need a browser plugin for that. I use Firefox, uBlock and Sponsorblock. That removes most of the ads everywhere, including Youtube.
deleted by creator
I mean that’s mainly it… it’s amazing at clearing adds off of news articles general viewing pages like blogs etc… but yes as you said, it’s not particularly great for things like youtube/spotify etc… things that deliver the ads through the same source as the main content.
It’s basicly domain based filtering. So I use mine to also block phishing, crypto mining, malware and anything tracking my web behavior…my parents have theirs setup to also block adult content for the younger siblings…
Tracking your web behavior? That sounds quite interesting, how do you utilize the data?
I can give you an example. Searching through my logs while writing up my first reply to you, I saw these two entries: https://x0.at/nO3I.png
One is for Skype, which I do not use. I don’t even have it installed on my PC, and the other is for QQ, which is a popular Chinese WhatsApp type service from Tencent, the same parent company as TikTok. Not only is it known for being an arm of the CCP, but why are they operating from within my network? No one uses QQ… So it’s ultra suspicious. The contact was blocked, but if I wanted to investigate further, I can–because now I know its there.
Two things. 1, unless you specifically need to run the software on a Pi, I recommend using AdGuard Home over Pi-Hole. It’s more actively maintained (not to imply that Pi-Hole isn’t actively maintained), and is going to be more of a setup once and forget type of solution.
2, the value in running a software like this is to be able to monitor your network traffic for suspicious activity, block ads, and access to malware, porn, warez, gambling, crypto, etc (especially if you have children). You can use custom blocklists like Hagezi’s threat intelligence feeds (TIF) which instantly decreases your attack vector while interfacing with the clear-net. The TIF blacklists block malware, cryptojacking, scam, spam and phishing. Blocks domains known to spread malware, launch phishing attacks and host command-and-control servers.
I very highly recommend using the Hagezi TIF lists. You can setup AdGuard very easily (mine runs off my Synology NAS), and you can easily force your entire network to use it by changing your DNS server in your router configuration page to your AdGuard Home instance IP (in my case, it’s my Synology NAS IP from within my network).
Takes a few minutes to setup, and you’re done. From there you can use the web-ui to change settings, update blacklists, and even see what your network traffic looks like: https://x0.at/D-aY.png and you can even block access to services directly: https://x0.at/QlbJ.png
I agree here. AdguardHome is way easier to configure and just have it work. Evidently, it’s always important to maintain, like any other software, but it is way less hands-on than PiHole.
Thanks a lot for detailed analysis!!
May I ask about difference between Adguard Home and Pi-Hole in terms of “setup once and forget”?
May I ask about difference between Adguard Home and Pi-Hole in terms of “setup once and forget”?
To put a fine point on it, its about usability. AdGuard is just a simple DNS stub resolver which acts as a middle-man between your network, and an upstream DNS resolver. Basically, your device makes a DNS request to your AdGuard instance, and it either gets filtered out by your blacklists (and never leaves your network), or its forwarded to an upstream DNS resolver (a real DNS server) and then back again. Pi-Hole does the same thing, and many many many more things. So while they would both do what you want, Pi-Hole (in my experience) is dozens of times more complicated and difficult to setup. Which is awesome–if you need all those other features.
Hmm, so basically AdGuard is streamlined for the dns-filtering usage? I was thinking of buying an raspberry pi and running pi-hole on it, can I do the same on adguard, presumably easier?
I have AdguardHome on my RPi4 (4GB) model, and it works perfectly fine. I have also hosted Pi-Hole v.5 and even their recent Pi-Hole v6 they just released on it and have even at times run TechnitiumDNS on it. Not all at once of course, but I wanted to let you know you can host any of these on a RPi without issues.
One think you get with the Pi-hole is you can set up a DNS entry where you could for example, set up “laptop” and any time you want to access it or ping it, anywhere on your network, you can simply just enter in http://laptop or ping laptop. With both AdguardHome and Technitium, you need to append the .local or .internal or .home subdomain to make it work. It’s not really an issue for me since I just modify my hosts file on my computer to do the same thing, but is sort of cool when you use a system on the network to just go to http://homepage to reach your dashboard like Homarr or Flame on your phone where you can’t adjust the hosts file as easily.
TechnitiumDNS is what you want if you are wanting to dive deep into your world of DNS configurations, from there, I was able to set up a redirect to my PXE boot server so when devices would grab their IP from the DHCP server, if they queried for a boot device, it would tell the device where to boot from. I’m pretty sure you can do that with PiHole, but I may be wrong. Additionally, with TechntiumDNS, I was able to set up an adblock for my IoT’s VLAN network. without the need to add a second one to the network. As far as I can tell, with the other solutions, this is not as easy to do.
If you are wanting to determine which would be easier to run, I would say AdguardHome for the easiest. Next in line is PiHole v6. and lastly TechnitiumDNS if you really want to dive into the complexities. It is a good business class DNS server. The reason I’m on AdGuardHome right now is for as others stated simplicity. TechnitiumDNS is overkill for my home network, PiHole V6 took forever for them to release, but was a major re-write and if you want to set up your DHCP static mapping like I do, they kneecapped the entry a bit. It’s still there, but not as easy to find and more of a thing like (I don’t recall the order it goes on) MAC;IP;HOSTNAME or something like that instead of the easier method of just clicking in a row and entering those data points one per field like AdGuardHome, and TechnitiumDNS do. Pihole V5 included.
My Network pretty much has 3 layers of DNS filtering active, The first layer is on my router which has built in adblock (FreshTomato), then AdGuardHome, and finally, browser level blocking. I don’t get Youtube Ads on my computers, but on the phones and TV I do. In the browser, I use U-Block Origin which is in the cat and mouse game with Youtube ad-blocking.
This will be the device that helps reduce the amount of ads and blocks telemetry data on devices (mobile device / streaming box / etc) that you can’t utilize some or all of the traditional blocking methods (hosts files / browser plugins / etc). The Pi can also have additional software installed (I recommend PiVPN) to extend these blocking capabilities **securely** when you’re not on your “home” wifi.
@[email protected] has a great response and also suggests using AdGuard Home instead, which is what I run as well. The biggest benefits the AGH has over PiHole for my family is the fact that you can very easily define a Client and the ips that pertain to that client… so I can define a single client for all of my devices , a single client for each of my kids, etc.
Then from there I can block specific services like social media platforms per client group or allow them. And similar to PiHole, I can setup all the blocklists that I want and it’ll block them across all clients.
For my kids, this means it’s blocking all those pesky ads that pop up in games getting them to go and download more mind numbing and draining games…
Finally, I can keep tabs on my network traffic and see what individual devices are accessing what domains; however, this doesn’t mean that I can see the individual web pages.
I have two AGH instances setup on two different hosts, and an additional AdGuardHome-sync container that syncs between the two instances, to make sure that all settings are mirrored.
