Pi-Hole Configuration

Most static Ads and domains will be blocked. Dynamic content is continually changing and therefore ad-blocking for youtube is usually hit-or-miss.

Navigate to Pi-Hole admin interface: http://pi.hole/admin or use static IP if not using Pi-Hole DNS server yet.

Settings › Blocklists

https://adaway.org/hosts.txt

https://bitbucket.org/ethanr/dns-blacklists/raw/8575c9f96e5b4a1308f2f12394abd86d0927a4a0/bad_lists/Mandiant_APT1_Report_Appendix_D.txt

https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt

https://mirror.cedia.org.ec/malwaredomains/immortal_domains.txt

https://www.malwaredomainlist.com/hostslist/hosts.txt

https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt

https://raw.githubusercontent.com/HenningVanRaumle/pihole-ytadblock/master/ytadblock.txt
https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-social/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/adaway.org/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.2o7Net/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Risk/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/Badd-Boyz-Hosts/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/UncheckyAds/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/yoyo.org/hosts

https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts

https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt

https://v.firebog.net/hosts/AdguardDNS.txt
https://v.firebog.net/hosts/Airelle-hrsk.txt
https://v.firebog.net/hosts/Airelle-trc.txt
https://v.firebog.net/hosts/Easylist.txt
https://v.firebog.net/hosts/Easyprivacy.txt
https://v.firebog.net/hosts/lists.php?type=tick
https://v.firebog.net/hosts/Prigent-Ads.txt
https://v.firebog.net/hosts/Prigent-Malware.txt
https://v.firebog.net/hosts/Prigent-Phishing.txt
https://v.firebog.net/hosts/Shalla-mal.txt
https://v.firebog.net/hosts/static/w3kbl.txt

https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist

These can be added all at once (one per line) then mass updated.
Wally’s list has a good list of stricter blocking.
Large list of additional blocklists.
Ensure all lists have a check after loading. If there is an ✗ then the list could not be obtained.
Check this list for common services to whitelist.

Static Host IP Resolution

Useful for hosts with multiple hostnames per IP (e.g. docker containers); or static hosts that the router cannot resolve (e.g. the static address is not defined in the router itself).

0644 root root /etc/hosts

1.2.3.4    app1.host.com app1  # docker app 1
1.2.3.4    app2.host.com app2  # docker app 2

Restarting Pi-Hole may be required.

Disable Blocking for Specific Clients

Disabling ad blocking for specific clients. Disables can be all lists or specific lists.

Router Configuration

Generic Configuration - will be located slightly differently for each router.

Clients Ensure clients flush the DNS cache and new DNS server is set to start resolution via Pi-Hole.

See DNAT for Captive DNS to finish captive DNS setup.