I’ve been aware of pi-hole for a while now, but never bothered with it because I do most web browsing on a laptop where browser extensions like uBlock origin are good enough. However, with multiple streaming services starting to insert adds into my paid subscriptions, I’m looking to upgrade to a network blocker that will also cover the apps on my smart TV.

I run most of my self hosted services on a proxmox server, so I’d like something that’ll run as an LXC container or a VM. I’m also vaguely aware that various competing applications have come out since pi-hole first gained popularity. Is pi-hole still the best thing going, or are there better options?

  • Maximilious
    40·
    9 months ago

    What makes it better other than the UI? I’m weary of using it because it is developed by Russian developers.

    • Gooey0210English
      30·
      9 months ago

      Encryption, UI, probably a little bit more serious development

      But encryption is a big thing, DoT, DoH, Quic. And soon they will have ECH

      • DefederateLemmyMlEnglish
        30·
        9 months ago

        Just wanted to chime in and say that with a pihole you can also have encryption if you point to a local resolver like cloudflared or unbound.

        My pihole forwards everything to a cloudflared service running on 127.0.0.1:5353 to encrypt all my outgoing DNS queries, it was really easy to setup: https://docs.pi-hole.net/guides/dns/cloudflared/

        • Gooey0210English
          10·
          9 months ago

          Hold on, this is not the same encryption

          The encryption i was talking about is the encryption of your dns server

          The article you sent is talking about upstream dns server encryption

          • DefederateLemmyMlEnglish
            10·
            9 months ago

            The encryption i was talking about is the encryption of your dns server

            You mean encryption between the client and your DNS server, on your local network?

            • Gooey0210English
              10·
              9 months ago

              You can do it on your local network, but this won’t make much sense

              I mean encryption between your phone or laptop outside of your house, and your dns server at your house

        • danEnglish
          10·
          9 months ago9 months ago

          That’s a bunch of extra manual work though - both the initial setup, plus keeping the extra software packages up-to-date. With AdGuard Home, it’s already configured to use DoH by default.

      • bdonvrEnglish
        10·
        9 months ago

        That’s cool for certain applications but on my home network should I really be super concerned about DNS encryption?

        • Darkassassin07English
          40·
          9 months ago

          Not within the network, but translating regular dns to DoH before heading out to WAN keeps your browsing a little bit more private from your isp. Marginal, but it is a difference.

          • danEnglish
            10·
            9 months ago

            It’s not just a little bit more private It’s a lot more private. Some ISPs have been known to build advertising profiles using DNS data. It’s trivial for them to see all DNS lookups and even modify the responses, since it’s both unencrypted and unauthenticated by default.

        • Gooey0210English
          20·
          9 months ago

          Probably not, but anyway it’s pretty cool to have an option to do this kind of stuff

          You can set up this dns on your phone, laptop, without a need of vpn (although vpns are cool, especially tailscale)

          But, are you always connected to the vpn? Or even to connect to the vpn itself you probably need dns, why would not use your own