I ordered a Raspberry Pi 5 so I have a Pi 3 that’s about to be redundant. I haven’t used Pi-Hole so I was thinking it’d be good for that but I’m curious if there’s any downsides for users. Are sites blocked if you dont whitelist them? That sort of thing.
Basically, I’m not worried about me having issues but I’m worried about a maintenance headache if friends and family can’t access things.
Occasionally it’s caused some problems with the tracking crapware that the spouse’s company uses in their web platform. Since they work from home and it breaks the main site they use for work, I’ve had to add some exceptions.
I’ve also seen it occasionally cause problems on websites that rely on tracking garbage and outright fail when they’re blocked. Usually I just never go there again but in a few cases it’s been something I was forced to use so I just disable the pihole for five minutes, do what I need, and hope to never visit that site again.
I think there have been maybe eight of these occurrences in the past five years so it’s not a continual annoyance. No big deal and definitely worth it.
“eight of these occurrences”
I’ve been using various forms of adblock for many years. If a website refuses to show you the information it contains: the information it has is probably toxic garbage.
I’ve lived by “if it doesn’t load, I doesn’t need it” for over a decade and I’ve never encountered a problem I couldn’t easily solve better without the troublesome webpage.
If a website refuses to show you the information it contains: the information it has is probably toxic garbage.
Ehhh. I’ve seen a number of news websites that have a “turn off your ad blocker” thing, and I’d imagine that this could trip that. They aren’t malware sites.
90% of the time you can inspect element and then just delete it from the DOM.
Or drop into reader mode.
While I agree with the sentiment, it doesn’t really pan out for “complete this contract/form if you want to get paid” or “your job requires you to use our internal platform all day every day and we added click tracking to it but aren’t smart enough to make the site function when it’s blocked”
Wait wait wait. Your spouse doesn’t use a vpn for work? They rawdog your private, home network with it?
Lol. Do you know how many companies, even cyber security companies, that don’t use a VPN for remote workers? A lot sadly…
I do, and I will raise concers every time I hear about it
Amazing, isn’t it?
My gf likes to click on ad entries of Google searches - that doesn’t work
If you are able to (and allowed), install an AdBlocker (e.g. uBlock Origin) to reduce the friction for such cases. In my experience these ads are rarely click-worthy.
That’s a feature, not a bug.
I know and I tell her that, too - it’s just something to consider when calculating the wife approval factor
Well, tell her that these ads can and often do contain malware, and as of recent have become even better at faking the real URL of a supposed service.
One of the few times I agree with this statement lol.
I use default block list and had 0 issues so far
FML I shouldnt wtite this lol. Just after my comment I found that Lichess app is giving servfail in query and doesnt work. Apparently its unbound issue, but still have to sort that out
I dont know what happened, but its working fine again. I guess unbound was tripping. Nvm me lol
Quite often, yes, especially for apps.
For nearly a year the Android Amazon app wouldn’t work. It would load, and then when a tracker failed to start, would show a generic error message page.
US bank mobile app wouldn’t login for about 2 months last year.
This happens quite often when apps are built with dependencies they assume will load, and when there is a failure an error boundary catches it and shows an error view.
I have not had either of these issues.
I have occasional issues. I just open the logs in the web admin and whitelist whatever is being blocked when the request fails.
For instance my fitness app just changed media hosts for their videos. I could login but not stream anything. It took about 2 minutes to find and fix the issue.
I usually start by clicking disable and trying again. If it works I know it’s something the pi is blocking.
It heavily depends which filter lists you use obviously. I never had this issues and neither my family does
Been using pi-hole since 2016 and I’ve had to make but a handful of exceptions over he years. I guess it’s a case by case thing.
Most things just work, and I have 3.5 million domains blocked. When something doesn’t work you can go into the query log to see what was blocked, and whitelist it from there. I seldom have to do this. Some apps are written to fail completely if they can’t send their telemetry, but most just work without the ads.
Depends on what lists you add to pihole (or adguard).
The default lists for both are primarily advert or tracking related, and very safe to keep. The only time I whitelist is when I’m following some kind of shopping deal that uses a tracker. Most linux related things are free from that.
Important? Depends on who you ask, but annoying? Yes absolutely. I’ve found with both Pihole and Adguard Home that deal links posted on Slickdeals are broken. But those also redirect several times and it can be a bit cumbersome to whitelist all the domains.
I also found out recently that one (or more) of my blocklistsnin AGH was blocking Steam from uploading games saves. So I had to remove some.
deleted by creator
Hmm, any idea where? I’ve poked around quite a bit in general and haven’t found anything that looks like it would do that. But I’m happy to be wrong! :)
deleted by creator
I have a pihole, I love it. My wife hates it so much I made her her own Wi-Fi network on her own vlan that’s isolated from the rest of the network and uses Google dns. My wife likes to click ads and watch TikTok and all that shit is blocked on my network
… All you had to do is create a group in the pihole, set it to bypass the filters using a ‘*’ whitelist entry, then assign any devices you want to bypass pihole to that group.
That person is suspicious that the rogue device without adblocking is going to poison the whole network.
I won’t speak to the wisdom of that, but I’m going to imagine that’s what the issue with your suggestion is.
Lmao, LAN mesh network to distribute ads? That’s a bit intense…
I am a big fan of the idea that by doing this the OC is effectively the ad-distributor in this scenario…
But then TikTok would be on my vlan….no….
There might be a chance for false-positives. Or to just clog your dns responses with repetitive queries.
Then again, you don’t need more than a HaGeZi blocklist anyway.
There’s a handful of lists at that link. Do you have a recommendation? Just their recommended multi pro list?
About two years ago I played a shitty mobile game called Idle Miner Tycoon and its pseudo-multiplayer system wouldn’t work. It turns out that Pi-hole was blocking a domain the game used. While I did whitelist the domains I ended up not playing the game anymore.
Yes, but first go check which list you want to use since they’re a good starting point to understand a kind of level of tolerance and expectations around your experience.
There’s lots of lists around here’s a small sample:
https://arstech.net/pi-hole-blocking-lists-2023/Be prepared for a bump in time outs as you work through things you might need (I blocked by accident a bunch of needed Microsoft services that I need to use during my job).
I haven’t edited my white list in months, maybe over a year. It’s going very well. I’ve been running pihole on ubuntu for more than 5 years as two virtual machines. I’m happy.
My most frequent issue is that links created through an email service provider like ConvertKit will get blocked by PiHole.
I’m a small business owner and so I get a lot of other people’s newsletters, on purpose. I like seeing what mentors and colleagues are doing with their businesses. But a link to their website, a blog post, anything really will almost always be blocked by PiHole if it’s sent via an ESP. This kind of “tracking” (email clicks from a small biz I know and trust) is something I am totally fine with.
It’s easy to disable for 1 minute to click through, but sometimes I forget that the PiHole is active and I can’t figure out why the links aren’t working.
For things like that, ie tracking that you’re ok with; just take a look at which domain is being linked to in the email and add them to your piholes whitelist. You may have to do this a few times as you discover new ESPs but pretty soon you’ll have a good list of them and won’t see them blocked anymore.
Better than having to remember to disable the whole pihole every time.
I don’t manage our PiHole, so easier said than done. I’m the non tech spouse (although not clicking ads or on TikTok all day, lol) but I can’t bug my spouse in the middle of the day to whitelist something for me. I can easily disable it myself and it takes 10 seconds. I could learn how to whitelist, but TBH I have enough tech to keep up with for the business already.
Been running it 7 years with a combined adlist of 1,089,320 domains.
It’s really rare that I run into a site that won’t load or function correctly (like once maybe twice a year). The most noticeable really is the ad results in Google, but I’ve moved away from that to DuckDuckGo anyway.
In the few cases that you do want to use a blocked doman; you can open pihole and either whitelist the domain with one click right out the query log, or disable pihole blocking entirely for 5sec-30min with one or two clicks.
If you really want to, you can group clients and adlists so some clients have much stricter blocking than others do. You can even leave some devices completely free of blocking while still using pihole to log their traffic.
By far one of the noisiest blocked domains is Nvidias driver telemetry. If you don’t strip it out using NVSlimmer, it’ll constantly retry its phone home, spamming the pihole with dns requests (not enough that it can’t handle, but enough that it’s VERY noticeable in the dashboard)
Could you point me at where to find a list of domains for Nvidia telemetry?
events.gfe.nvidia.com is the main one that gets spammed if it fails.
Just use NVSlimmer to strip it out entirely. (grab that and the latest driver package from Nvidia, repeat for updates)
Does a similar utility exist for Linux, though?
On my Windows system I’m using NV Cleanstall to prevent installing telemetry and other unnecessary bits in the first place. Quite the nice tool as well
Not that I’m aware of, but I haven’t looked for one either.
I manually added a handful of domains, and not a single one of them has been pinged so far. We’ll see
The only one I ever found in 2 years of pihole use was cdn.cookielaw.org… a good percentage of sites won’t display with it blocked. Most other stuff is fine.
When I first installed pihole I went overboard with blocklists and broke nearly everything… don’t do that :p
What’s your definition of overboard? I currently have a good one million domains blocked, and only had to whitelist a few for some devices, not even network-wide