What would i lose or gain?
A pi-hole simply black holes DNS lookups from known advertising networks and malicious domains, so your computer is unable to connect to those domains. This is good because you probably want to block those domains, but it doesn’t protect against everything. Adblocking in browser using uBlock Origin will achieve similar results, but only applies to the browser, not other applications on your computer, or say your phone or IoT device on the same network, which does DNS lookups via pi-hole. Both pi-hole and uBlock Origin do not provide any protection from hiding your real IP or your location. This is where a VPN comes in.
Personally, at the router, I black hole a minimal set of hosts from lists I know I will never want anything connecting to. For example, you could use one of the OISD lists: https://oisd.nl/. Then in your browser, you can add uBlock Origin and add more lists which you can selectively allow on websites. uBlock Origin has lists which block against internet annoyances, which pi-hole can’t block against (since it’s blocking DOM objects, and not DNS lookups). This is also useful because it’s easier to control uBlock Origin in the browser, and you can disable it for only some sites. Adding a VPN in addition to this satisfies IP and location hiding, which you can add on the whole router if it supports that, or just your computer/browser if you want.
Thanks, good answer. The ISP’s router won’t run a VPN. If i ran a VPN on the pi-hole machine would that cover all devices on the network?
I don’t think so, since the pi-hole (running on a raspberry pi or other computer) just acts as a DNS server which you configure as the DNS to be assigned to clients as they connect to the router.
If you’re not able to configure a VPN on the router, then setting up a VPN on the computer you’re using, not the raspberry pi, is the only option. This would only mask your computer’s IP address. This would need to be repeated on your phone and other devices as well.
Ok, got it. many thanks
One thing you may want to consider is investing in your own WiFi router; you can ask your ISP to set their modem to “bridged mode” and this will turn off their WiFi and firewall and present you with a single gateway IP to connect to. You can then connect this to your own WiFi router.
Why would you want to do this?
Well, currently your ISP is managing the device all your network connects to; it likely is able to have real time updates of all the devices that enter and leave your home, where they are in your home, and what IPs those devices connect out to at any given time.
If you run your own router, you can set up your own VPN, but also your ISP now only knows where your router connects to, and knows nothing about what goes on inside your network.
good info. thanks
To add to this, some ISPs ([1]used to) charge monthly fees for using their router or modem. A $7/month adds up, and in a year or two, investing in your own hardware will pay for itself and give you more control.
[1] 10 years ago, you had to rent the routers, but nowadays, the router could be free. You can bet though they’re getting that $7/month another way, and it’s likely because they’re selling your data.
So pi-hole is essentially the same as something like NextDNS, just self hosted?
That’s it. Self hosted, personalisable, and that can be used network-wide (as a DHCP server) AND as a VPN (in correlation with piVPN)
It depends on what you’re trying to do. What exactly are you concerned about?
Most ‘adblocking’ is only in a desktop browser unless you use solutions like pi-hole or some alternative. Pi hole can help block some apps, services, and other devices on your home network from doing certain types of communicating in addition to blocking certain ad-related connections.
More of a general security/privacy kind of thing. Nooby trying to understand.
pi-hole or some variant can definitely help in some situations. For example, if you care about your computer OS or your TV phoning home, it may block some of those (with the right list).
It may also block some ads on other devices too, but many places are working around this by tunneling the ad data through their servers.
Thank you
Thank you
If you are using a vpn all the time, then I would not bother with pi-hole.
The vpn will use its own dns most likely. If you use your home dns that may make the vpn less private.
But pihole can block others apps telemetry, not just stuff in the browser. For example, it can block windows stuff.
Also, it has been able to block ads in apps.
Thank you :)
The main difference to my knowledge between an ad blocker and pihole is while a ad blocker downloads the ad but doesn’t show it a pihole blocks it from being downloaded.
In addition you can block anything(not just ads) so if you want to say block reddit you could add *.reddit.com to the block list and it will block it even though it’s not a ad service.
A good adblocker like ublock origin would bit download the ad. It is just as effective as DNS based blocking (pi-hole) with the added feature of also being able to do script blocking and cosmesic blocking.
uBlock Origin does actually block network requests before they leave your browser. The main difference is that Pi-hole can block requests from any application on all your networked devices. Theoretically you can achieve the same effect of a Pi-hole with a hosts file (except DNS caching), but that would involve setting up and maintaining one on every device you own… if that’s even possible (looking at you, Android and IOS)
My thanks
Thank you :)
Secondary question: Using a VPN on the same pi-hole?
deleted by creator
I didn’t know that. Thanks
deleted by creator
All three Privacy Guides recommended VPNs have ad- and tracking-blocking built-in with varying degree of customisation options. This feature can cover the basic benefits a PiHole would give you. If you want more control, I would suggest testing a tool like NextDNS instead of PiHole which gives you a custom DNS address you can set with some VPN providers, offering smoother interplay.
Thank you, that’s the plan