🔌 Router Guides

Pi-Hole's blacklist configuration

3min

1. How to extend Pi-hole blacklist for Internet DNS filtering

Pi-Hole is a very powerful tool that acts as a DNS server with the ability to block advertising and tracking domains (tracking domains). Pi-Hole obtains lists of advertising and tracking domains from a configurable blacklist of predefined sources, and then compares DNS queries against them. However, although its main purpose is to work as an ad blocker, the nature of Pi-hole actually allows it to block the domain of any website by manually adding the domain name to a blacklist.

For more information on how Pi-Hole works, visit the official website. This guide explains how to extend Pi-Hole's blacklists with our blacklists in order to benefit from additional malware protection and content filtering features. PLEASE NOTE(1): Before proceeding with this guide, you must register your public IP address. Only registered IP addresses can use the malware protection and content filtering features on their network. You can do this by going here and then accessing the Networks section. PLEASE NOTE(2): The configuration process described in this guide can be done either through the web interface or by manually editing the configuration files. You can decide which one to use based on your preferences (and the type of installation you have done).

If you decide for configuration via web interface, you have to follow the first paragraph of the guide. Otherwise, the second one is the one for you.

2. Configuration through Web Interface

2.1 Web Interface Access

From here, go inside the Settings menu and move to the DNS tab.

2.2 Here you need to enter the IP addresses of the upstream DNS servers you want to set up

These are the servers to which all requests will be automatically forwarded by your Pi-Hole server. In this case, the IP addresses you need to enter in the IPv4 Custom fields are as follows, as shown in the image below :

Entering the correct ipv4 DNS
isP4 custom Insert


2.3 Click the Save button to save your changes...and that's it!

You should now have your Pi-Hole server properly configured to forward all client requests to our DNS servers.

2.4 To start using our blacklists for content filtering and malware protection

You must now configure them: you can do this by simply going to our site and here in the Protection section.

3. Switch Configuration File

If for some reason you don't want to use the web interface (or have simply decided not to install it), you can alternatively edit the Pi-Hole configuration files manually by following these simple steps. PLEASE NOTE: If you have already completed all the steps described in the previous part of this guide, you do not need to proceed with the next part. 3.1 The file we are interested in is called setupVars.conf and by default is located inside the /etc/pihole/ folder. Move now to that folder and open the file with any text editor. 3.2 The file is basically a script that takes care of setting numerous variables, which will then be used by Pi-Hole when running the various scripts. If you edit this file manually and then run the pihole -r command, the new values you set will be applied. Once the file is open, it should look approximately like this:

Changing the correct DNS through text editor
Configuration change scripts




3.3 The variables we need to change are the ones called PIHOLE_DNS, that is, the ones highlighted by the arrows in the image above. If you have not previously configured an upstream dns server, you should not find any of these variables in the file. In that case you can directly add two new variables: called PIHOLE_DNS_1 and PIHOLE_DNS_2 respectively to the file and then set their values to the correct IP addresses, as shown in the image below:

Correcting PIHOLE_DNS variables with the correct ip's
Changing the right variables




Otherwise, simply change these two variables by setting the desired values. 3.4 Save and close the file. Then run the pihole -r command in a command shell to apply the changes. 3.5 Finally, we need to restart the DNS service. You can use the following command to do this: sudo service dnsmasq restart 3.6 We are done and you should now have your Pi-Hole server properly configured to forward all client requests to our DNS servers. What remains to be done now is to configure our blacklists: you can do this by going to our site and then to the Protection section.



Other ways to ask: » How to configure Pi-Hole blacklists for Internet DNS filtering. » Configuring Pi-Hole blacklists for Internet DNS filtering. How to.