Raspberry Pi - Pi-Hole Network-wide ad blocking
Install Pi-hole
Apparently ads need to be delivered from a number of separate DNS-domains. The Pi-Hole software takes control of the DNS-name-to-IP translation within your network and uses this to return a small file instead of the intended ad. The Pi-Hole software will download and update lists of domains to "know" what the ad-domains are.
Advantages over a browser ad-blocker plugin are:
- It will work on all your devices in the network
- Your device doesn't need to spent time on a plug-in and the ad replacement will result in less data. Therefore your browsing experience will be faster.
- You will be able to monitor what domains are visited and blacklist or whitelist any domains accordingly
Possible drawbacks are:
- Blocking is solely based on domain-names, you can't block ads if needed services and ads are delivered from these domains
- A problem with your DNS-server will cause problems in your whole network
- You might see some browser errors for ads that are delivered from HTTPS connections
Note that as of version 4 you can also block with regular expressions.
More info here:
Download latest installation script:
curl -sSL https://install.pi-hole.net > pihole-setup.sh
Install:
chmod +x pihole-setup.sh sudo ./pihole-setup.sh
Change admin password:
sudo pihole -a -p
Starting from Pi-hole version 6
Around june 2025 Pi-hole version 6 was introduced. This version no longer installs lighttpd server and uses its own webserver embedded in pihole-FTL.
You might need to reconfigure the port that is being used:
sudo nano /etc/pihole/pihole.toml port = "8088o,8448os,[::]:8088o,[::]:8448os"
To access the web interface:
OR
Update Pi-hole
Run from commandline:
pihole -up
This will check for updates and re-run the complete installation script, keeping configuration done previously.
HTTPS
When the ad is served from an HTTPS connection the certificate will not match the domain name. You browser will then complain about an "insecure connection".
Firefox suppress "Your connection is not secure" messages
about:config security.insecure_field_warning.contextual.enabled -> false
Show descriptive names in stead of IP addresses
Info:
Edit /etc/hosts -file:
sudo nano /etc/hosts
#MANUAL DHCP DNS NAMES 192.168.1.1 myrouter.local 192.168.1.2 myserver1.local 192.168.1.3 myclient1.local 192.168.1.4 myclient2.local
How to make this list from my router DHCP list:
Copy the list from router DHCP webpage to Notepad++
Use regular expression replace. Note: '.' matches newline - needs to be enabled.
Replace:
([^\n]*)\r\n([^\n]*)\r\n\t([^\n]*)\t\r\n
with
\3\t\1\n
Remove all empty lines and replace all spaces with "_".
Block lists example
This is a work in progress.
Domains
| YouTube Pi-Hole domains |
|---|
| i1.ytimg.com |
Wildcards
Note that as of version 4.x you can also block with regular expressions.
| YouTube Pi-Hole wildcards break Youtube |
|---|
| ^r[1-9]---sn-.{8}\.googlevideo\.com$ |
| ^r[1-9]\.sn-.{8}\.googlevideo\.com$ |
| ^r[1-9]\.sn-.{8}.gvt1.com$ |
OLD VERSIONS (before Pi-hole version 6)
Prevent reinstall of lighttpd webserver with updates
Prevent reinstall of lighttpd webserver with updates. Simply remove it after the update if you don't want it:
sudo systemctl status lighttpd sudo systemctl disable lighttpd sudo apt --purge remove lighttpd sudo apt --purge autoremove
To prevent install of the webserver while updating edit the following text file:
sudo nano /etc/pihole/setupVars.conf
Change the line:
INSTALL_WEB_SERVER=true
To
INSTALL_WEB_SERVER=false
Use Pi-hole with Nginx Webserver
Info:
sudo apt-get -y install nginx php-fpm php-cgi php-xml php-sqlite3 php-intl apache2-utils
#Change ownership of the html directory to nginx user chown -R www-data:www-data /var/www/html #Make sure the html directory is writable chmod -R 755 /var/www/html #Grant the admin panel access to the gravity database usermod -aG pihole www-data
sudo nano /var/nginx/sites-available/pihole
server
{
listen 80;
server_name wjv.duckdns.org;
root /var/www/html;
autoindex off;
index index.php index.html index.htm;
## pi-hole #########################################
# http://$host/pihole
# http://$host/admin
location / {
expires max;
try_files $uri $uri/ =404;
}
#php
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
location /*.js {
index pihole/index.js;
}
#Make site available sudo ln -s /etc/nginx/sites-available/pihole /etc/nginx/sites-enabled/ #Restart php7.3-fpm daemon service php7.3-fpm restart #Restart nginx web server service nginx restart
Use Pi-hole with Apache2 Webserver
If you have Apache2 running on the Raspberry Pi for other purposes and you don't want another webserver. It is quite easy to use Apache2 instead. You will need some modules for the site to work (no further details here).
Configure Apache2 webserver:
The Pi-Hole web files are by default installed in "/var/www/html/admin" and "/var/www/html/pihole".
sudo nano /etc/apache2/sites-available/raspberrypi.conf
<VirtualHost _default_:80> #pi-hole admin and pihole via http Alias /admin/ /var/www/html/admin/ <Directory /var/www/html/admin/> AllowOverride None Require all granted </Directory> Alias /pihole/ /var/www/html/pihole/ <Directory /var/www/html/pihole/> AllowOverride None Require all granted </Directory> </VirtualHost>
Restart Apache:
sudo systemctl restart apache2
For anything to work you will need to configure your DHCP-server (your router) to point to your Pi-Hole as being the main DNS-server. This should be quite easy, a bit of background knowledge will be helpful however and then there is the fact that every router is a bit different. You can setup pi-hole as your DHCP-server. More info on the pi-hole website.
Open web interface at (note that this is not a real domain, it is translated to your local IP address):
