this post was submitted on 15 Jul 2024
222 points (97.4% liked)
Privacy
32165 readers
154 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Does it have any benefits over just running pihole, other than reliability?
You aren't always home, therefore when you aren't home it's useful.
I have not yet looked into the DNS topic. What are the risks if I use the provider's default DNS? Or what are the advantages of using a different DNS?
ISP DNS servers often lies, depending on your country, a lot do DNS blocking so it's a way to evade basic censorship. Also some alternative DNS can lie in useful ways, for adblocking or malware protection. You can also check mullvad DNS.
NextDNS even let’s you customize your DNS filter. You can choose which blocklists you want to use, and you can manually whitelist/blacklist individual domains. It also has other cool features like parental controls and malware protection.
You can still use PiHole as your DNS when not home if you setup a VPN. For me that was the route I went.
or you can allow public authenticated access to dns over https... (just don't expose the raw udp dns server, it's a really bad idea)
(not sure if DoT can also support auth, but if it does that's great because android supports dot natively)
I know I don't want to open up any more ports than I have to, but you're right, that does sound like another alternative to setting up VPN.
Since I access more than just my pihole when connected to my home network. And because I want access to my home services, and don't want to open up access to the public, opening one port and connecting to VPN is the way to do it. I have one port opened up for my VPN, and in order to connect you have to have my IP or my domain pointed at the IP, and you have to have a Wireguard profile setup, and know what port is open. So that does help a tad bit with my security concerns.
Edit: how would I go about that if I felt so inclined? Any tips?
You might be underestimating the OP
It also works when using cellular data or connecting to a different Wi-Fi network. Your Pi-Hole only works when you’re at home or when you VPN into your home network
Fair. I always assumed I could just point to it while I'm out, but i also haven't put a lot of thought into it yet lol
I mean you technically could expose the Pi-Hole from your home network on the internet, but I don’t recommend it. A VPN (either a simple WireGuard setup or something more fancy like NetBird, ZeroTier or Tailscale) could work, but I think NextDNS is the easier solution. Alternatively you could look into running your Pi-Hole on a VPS with WireHole.