this post was submitted on 22 Mar 2025
18 points (100.0% liked)

Pi-hole

509 readers
12 users here now

The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software.

founded 2 years ago
MODERATORS
[email protected]
18
How practical is it to block everything by default? (feddit.uk)
submitted 2 weeks ago by [email protected] to c/[email protected]
31 comments fedilink hide all child comments
 

I've just set up my pihole and I'm considering the best way to configure it. Is it a good idea to set the default group to block (almost) all domains and then manually add trusted devices to another group with a "normal" block list? My use case is untrustworthy devices that I don't want phoning home but which might change their IP address.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 2 weeks ago (15 children)

Not very practical. Find a few curated lists, then start blocking domains 1 by 1. Sounds inefficient, but it's ironically faster in the long run than blocking the whole WWW then backpedaling

[–] [email protected] 2 points 2 weeks ago (14 children)

The trouble is that I don't want an untrusted device to be able to call out at all, and I won't know where it's trying to reach until I connect it

[–] [email protected] 2 points 2 weeks ago (13 children)

Isolate a wlan, then deny it access past the router

[–] [email protected] 1 points 1 week ago

Think you meant VLAN and autoincorrect got you.

load more comments (12 replies)
load more comments (12 replies)
load more comments (12 replies)