Pi-hole is a network-wide ad blocker that works at the DNS level. Install it once, and every device on your network — phones, tablets, smart TVs, even IoT devices — gets ad-free browsing without installing anything on them.
Why Pi-hole?
- Network-wide blocking: Works on every device automatically
- Blocks trackers: Not just ads, but analytics and telemetry too
- Faster browsing: Blocked requests = less data to load
- See what’s happening: Dashboard shows all DNS queries
- Free and open source: No subscriptions or fees
Prerequisites
You’ll need:
- A Raspberry Pi (any model), old PC, or Docker host
- Your network’s router access (to change DNS settings)
- About 30 minutes
Installation Methods
Option 1: Direct Install (Raspberry Pi / Linux)
The simplest method for dedicated hardware:
curl -sSL https://install.pi-hole.net | bash
Follow the interactive prompts. Key choices:
- Upstream DNS: Choose Cloudflare (1.1.1.1) or Google (8.8.8.8)
- Blocklists: Accept the defaults to start
- Web interface: Yes — you want the dashboard
- Logging: Enable for visibility
Save the admin password shown at the end!
Option 2: Docker (Recommended)
More flexible and easier to manage:
# docker-compose.yml
version: "3"
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
ports:
- "53:53/tcp"
- "53:53/udp"
- "80:80/tcp"
environment:
TZ: 'America/New_York'
WEBPASSWORD: 'your-secure-password'
volumes:
- './etc-pihole:/etc/pihole'
- './etc-dnsmasq.d:/etc/dnsmasq.d'
restart: unless-stopped
Start it:
docker-compose up -d
Configure Your Router
For Pi-hole to work, devices need to use it for DNS. You have two options:
Option A: Router-Level (Recommended)
- Log into your router’s admin page
- Find DHCP or DNS settings
- Set the primary DNS to your Pi-hole’s IP address
- Save and restart the router
All devices will automatically use Pi-hole.
Option B: Per-Device
Manually set DNS on each device to your Pi-hole’s IP. Works but tedious.
Access the Dashboard
Open http://[PI-HOLE-IP]/admin in your browser.
The dashboard shows:
- Total queries and blocked percentage
- Top permitted and blocked domains
- Query log for debugging
- Real-time statistics
Adding More Blocklists
The default blocklists are a good start, but you can add more:
- Go to Group Management > Adlists
- Add URLs from FilterLists or use these popular ones:
- Run
pihole -gto update gravity (the blocklist database)
Whitelisting Sites
Sometimes Pi-hole blocks things you need. To whitelist:
- Go to Whitelist
- Add the domain (e.g.,
example.com) - Or use the command line:
pihole -w example.com
Performance Tips
Use Unbound for Privacy
Instead of forwarding to Google or Cloudflare, run your own recursive DNS:
sudo apt install unbound
Configure Pi-hole to use 127.0.0.1#5335 as the upstream DNS. Now your queries don’t go to any third party.
Enable Caching
Pi-hole caches DNS responses by default. For better performance, increase the cache size in /etc/dnsmasq.d/01-pihole.conf:
Troubleshooting
Devices not using Pi-hole?
- Check router DNS settings
- Some devices hardcode DNS (Google devices, for example)
- Use firewall rules to redirect port 53
Too many false positives?
- Check the query log to find blocked domains
- Whitelist legitimate services
- Use less aggressive blocklists
Pi-hole not starting?
- Check if port 53 is already in use:
sudo lsof -i :53 - On Ubuntu, disable
systemd-resolved:sudo systemctl disable systemd-resolved
What to Expect
After running Pi-hole for a week, you’ll typically see:
- 15-30% of queries blocked
- Faster page loads
- No more YouTube mobile ads (mostly)
- Smart TV ads significantly reduced
Next Steps
- Set up HTTPS for the admin interface
- Configure DHCP in Pi-hole (optional, replaces router DHCP)
- Add Unbound for recursive DNS
- Set up monitoring with Grafana
Pi-hole is one of the best first steps in self-hosting. Once you see the blocked percentage climbing, you’ll never go back to ad-filled browsing.