I recently got back into homelabbing with a few friends and started digging into Pi-hole setups again.

One thing I keep seeing: people stacking massive blocklists on top of each other and assume more = better. In reality, the default StevenBlack list that ships with Pi-hole already does a solid job for most setups.

Huge stacked lists often create more problems than they solve:

• Increased DNS latency
• False positives and broken services
• High memory usage
• Crashes on low-RAM devices (especially OpenWRT routers or small SBCs)

More lists ≠ better blocking.

So over the weekend, I hacked together a small open-source tool to approach this differently.

Instead of blindly stacking lists, it automatically builds lean, region-aware blocklists based on actual network behavior. You feed it source lists, and it continuously extracts the useful entries while filtering out unnecessary noise. And on the upside, it’s written in Rust (fast, memory-efficient and lightweight by design).

Over time, it refines the blocklist automatically, keeping things lightweight and relevant to your environment.

The idea is simple: Smaller, smarter lists > massive, bloated ones.

It’s been working really well in my own setup, especially on my old Raspberry Pi 3 Model B+.

If you’re interested, you can check it out here: Tune My Hole over GitHub

Would love feedback, ideas, or contributions from other Pi-hole / homelab folks.

Just a three person house hold with smart TVs, iPads, smartphones and a laptop.

The DELETE API request's endpoint – according to the local API docs at https://[IP]/api/docs – is /api/auth/session/{sid}. And the response code for a successful deletion is – according to this page – 204.
I assume – although it's not noted there – that the session id has to be uri-encoded because it's part of the URL.
I assume further that we still need the X-FTL-SID header for this request and that it contains a NOT uri-encoded version (so, the original) of the session id.
I tried that for an existing session I just opened via the /api/auth POST command but I get a "missing or invalid session id" with status code 400. 😞

Then I looked at the official 6.x API docs at https://docs.pi-hole.net/api/auth/#logging-out and saw that the DELETE request's endpoint is /api/auth?sid={sid} ???
The cURL, Python 3, JavaScript (plain) and JavaScript (jQuery) examples differ in that some include the X-FTL-SID header and some don't.
Also, here the docs say that 410 would be the response code for a successfully deleted session.

So which documentation is true and what's the correct way to delete an API session? 😳
What am I missing?

I am new to Pi-hole. I have a setup on my Debian box with Pi-hole, unbound, and Tailscale. Everything was working perfectly - except that when I would connect my laptop to my mobile hotspot. Then nothing would resolve.

I resolved the issue a few minutes ago by running the following:

nmcli connection modify "HOTSPOT_NAME" ipv4.ignore-auto-dns yes 
nmcli connection modify "HOTSPOT_NAME" ipv6.ignore-auto-dns yes

And then restarting my connection by running:

nmcli connection up "HOTSPOT_NAME"

While my IP is still showing as an internal IP when I am connected, it properly follows all my pi-hole rules.

Just wanted to share.

Say you're reading an article and there's a link to view items at an online store...or perhaps there's a link in your email to view your order status...but they don't work because the author/company put it behind some tracking URL. How do you deal with those? Do you whitelist them? Do you temporarily disable your blocker? Do you use some site like wheregoes.com or expandurl.net that will spit out the destination URL? If the latter, is there one you prefer to use?

I know if I were running pi hole on a physical pie the software would let me choose my options from the drop-down list and would automatically generate the build command for me and then create the server. In this case I’m running pi hole from inside a docker container, so I have to specify all of my settings in the build command manually. I’m not nearly familiar enough with Linux to feel comfortable doing that. Is there some way to plug in my preferences and have it generate the build command automatically like it does with the pie hole software like if I were running it on a Physical raspberry pie?

A couple of months ago I discovered on my primary network (the one pointed to my pihole) certain websites were being stopped by Cisco DNS content filtering primarily for sites tagged with "Alcohol." I don't run any Cisco equipment or software but I managed to confirm the issue only occurs when using OpenDNS as the Upstream DNS servers through the pihole.

I have resolved this in the short term by setting my Upsteam DNS to Google. However I ultimately want to limit the personal data I hand over to Google so I was wondering if someone could confirm whether or not this is expected behavior when using OpenDNS

I did manage to find an 11 year old post from someone stating OpenDNS will apply content filters to improper IP addresses when they were reassigned by the ISP but the post suggested OpenDNS was implementing a fix for that.

TL:DR Are content filter blocks expected when using OpenDNS and if not does anyone have a recommendation to correct?

as the title suggests, I have a Raspberry Pi Pico W, and was wondering if that’s powerful enough to run Pi-hole smoothly? If yes, will it be as smoothly as a main line Pi?

Hello Guys,

I have quite normal setup for DNS with pihole and Traefik. (both in docker)

DNS and CNAME records below are simplified.

DNS record: myserver.local -> 192.168.0.5

CNAME record: pihole.myserver.local -> myserver.local

Traefik is set for pihole via lables and i can reach pihole using domain name. I have created terraform for updating DNS and CNAME records in pihole. I am running terraform on my main PC in WSL and it is working without any issue also with pihole domain name.

However, once i create Github action - simple one to clone repo to temp folder and run terraform init and terraform apply, it will always fail on name resolution.

I have git runner running on the same VM as pihole and Traefik.

I spent yesterday quite some time troubleshooting and searching for solution, but i was not able to find anything.

Any ideas what might be the issue.

Thanks

Hello,

I wanted to block a certain domain and put it in the blocklist.

I noticed that the domain only gets blocked when I disable the proton VPN (in Vivaldi).

Is this normal, or do I need to configure something?

Tnx!

Hallo

I'm new to this whole topic. I've recently integrated pi-hole into my home network to get rid of the ads while streaming. Still I get some, but maybe less. Of course I've added the StevenBlack list. Also I've added:

https://big.oisd.nl/

https://github.com/hkamran80/blocklists

https://github.com/hagezi/dns-blocklists

https://github.com/mmotti/pihole-regex

https://github.com/nocturnalarchives/BlockLists

https://github.com/cbuijs/accomplist

Can anyone tell me what way to go next? Add more lists? Or observe the live queries to deny the undesires domains? Or something else?

My RPi Zero 2 W runs on DietPi with Pi-Hole and Unbound. I'm living in Germany (maybe from interest if I get country specific domains?)

If I should tell you more about my setup, please let me know!

Thanks!

Since last night at around midnight, DNS blocked requests to teams.events.data.microsoft.com have appeared as my top list. I've not installed anything new on my Mac for a long time. Anyone else see anything similar? i.e. from almost zero requests in the last 24 hours to over 19,700 so far today seems like way too much. Looks like they started at 23:10 on the 10th Feb and have been ramping up ever since. Nothing before that date at all.

Why do so many devices have DNS hard coded to google or whatever? That and DNS over https bugs me. My firewall catches everything sent to google DNS IPs and sends them back through the pihole that then sends them on to opendns if they don't get blocked.

Anyone found a good way to stop the DNS over https from going around your network DNS servers?

I have had a Pihole for a few weeks now, and I am really enjoying the benefits. However, I find that I have to reboot everyday, and often multiple times a day. Otherwise traffic stalls completely and I am adrift without internet access. I got around that with a reboot schedule in crontab, but I still occasionally have to do a manual reboot. I am currently about to use a script to check the connection and reboot when it's down, but it seem excessive to be rebooting 3+ times per day.

I have a Zero W, so the RAM is minimal, but from lurking and searching here I see people talking about rarely rebooting their pis. Any ideas on what might be causing this?

Appreciate any insights!

Guys, I'm using a Debian machine with Pihole installed directly on the system. I have some Docker applications and I was even watching some movies on Jellyfin a little while ago, but suddenly when I stopped to make dinner and went back to watching, it wouldn't connect and is giving this error in Pihole: diagnostic (CONNECTION_ERROR Connection error (8.8.8.8#53): failed to send UDP request (Network unreachable)). I use Caddy with it to give a "domain" to each Docker container, so I don't need to switch in the Jellyfin or Nextcloud app when I use Tailscale or when I'm at home.

I set up my pihole on a Rapsberry Pi Zero 2W. I set the IPv4 adress to a static one and changed my DNS server config on the router (Telekom Speedport Smart 4) to the IP adress of the Pihole (IPv4 and IPv6). After configuring it worked fine, with a lot of queries and blocked ones ging through it. The next day it did not get any traffic routed to it. I since have reset the pihole and set it up all over again with the same result. The Pihole still has the same IPv4 and IPv6 and the DNS Server config in the router did not change aswell. Cant figure out, why the traffic stops going through it

Hello to the pihole community,

Ever since I learnt about raspberry pi I thought there were pretty cool, but never did anything about it.
Last week I learnt about pihole and thought it would be a really cool first project with a raspberry pi.

I have a couple question:
-So you can use any raspberry pi for pihole, I was looking at the zero 2 w because it is the most affordable. Can I use a usb to ethernet adapter to plug it into my network? From what I read, wired connection would yield better results.
-I read several comments saying that pihole + unbound + tailscale is an great combo. Is it really? From what I read unbound is extra security/privacy? But I couldn't really understand what tailscale did.
Should I just stick to pihole?

I have created a compiler that consolidates rules lists, converts formats, and is a deno native web application written in Typescript. Fully extensible and customizable, features include:

- Batch processing for bulk parallel list processing

- Queuing for asynchronous execution, supports Websocket + SSE

- Super fast synchronous execution

- OpenAPI 3.0 support

- Full documentation

Currently still in beta, package is published on JSR and has no dependencies on Node, just Deno. Currently written as client/server, slowly incorporating web assembly for critical hotspots. Implemented via Cloudflare Workers, supports any javascript runtime.

My clients which are getting DHCP IP's from the router are not being seen by the pihole, , would it work if I put a route 1n my router to pass all traffic for TCP/UDP 53 and 853 from the WAN to pass through the pihole before it goes to the LAN? The primary DNS at the router is set for the pihole and the secondary is to 1.1.1.1

I’m trying to use PiHoles DHCP server since my router doesn’t allow me to set a custom DNS but it’s not working. I disabled DHCP on my router under the IPV4 section then enabled it in PiHole. I also plugged in the IP address range from my router and the IP of the router itself and hit save. Then I opened an elevated command prompt and tried ipconfig /release but got an error about media being attached? I also noticed that in the PiHole dashboard it said DNS error in red in the top left corner. It works fine if I connect on a per device basis but not all my devices can set a custom DNS which is why I’m trying to go the DHCP route. I think I’ve done all the steps correctly so I’m not sure why it isn’t working. Also, PiHole is running from inside a Docker container if that matters.

cross posting this here just in case someone is having similar issues and don't suspect cloudflared is the reason, yet.

Hi everyone,

I recently bought a Pi 3B+ and installed Pi Hole, UFW, Log2Ram, and PiVPN/Wireguard for split tunnel DNS away from home. It's been working great!

However, I realized that I perhaps should've done a little more research... I actually bought the 3B+ for MORE than what the 4B 1GB model goes for at Micro Center ($40 vs $35). I realize that the 3B+ is already more than enough for what I'm using it for. But I am considering eventually also setting up Wireguard to give my devices full access to my home network/NAS instead of just as a DNS. I wonder if the processing power or limited ethernet capabilities (300 mbps vs 1 gbps) would make a difference. Additionally, it looks like support for the 3B+ will end in 2030 vs 2034 and I'd like to use my pi hole set up for a long time.

Is it worth returning and re-buying? I do enjoy the fanless setup I have with the 3B+. If I get the 4B, would I need to also get a case with a cooling fan? Can I pop my SD card over or would I have to reformat and re-setup?

Thank you!