Got the pihole working and it’s great.
Why isn’t there a public IP address for a cloud based pihole so people don’t have to buy hardware?
This is what is known as an open resolver. These are quickly found on the internet and put to no good use (DNS amplification attacks, etc.). The large DNS providers have sophisticated software and other tools to thwart this, but the average person setting up a public Pi-Hole does not. Numerous articles exist on the internet regarding this bad practice.
This is why the first rule of this sub is no advertising private DNS servers here.
Take a look at /r/nextdns (https://nextdns.io) which is similar.
Who is going to pay for it? Why don’t you fire it up and let the internet use it? And then set up a system so each user can have their own block listings. My blocks prob not going to be the same as your blocks, etc.
What if I want to whitelist something temp, how does that affect other users… It gets way more complicated very quickly. And then again bandwidth, cpu cycles not free… How does it all get paid for? And someone doing that prob going to want to make some profit for all that effort… So how much do you charge the users to offset cost or have profit? How many people going to go that route when they can just run it on a vm, or buy a cheap pi and run it locally for almost zero cost to themselves - with full control.
So default block stuff defaults to 2 second ttl, so something really interested in finding xyz might query your local pi 1000’s of times a day… Which is no big deal when it’s local, but now do all of that over the public internet… Where is this public pihole hosted? Better be a large CDN that is global, etc. etc… Which just increases the hosting and management costs even more.
There are guides out there for running one (behind a VPN) for free off Google Cloud. Then you are in control vs. some unknown entity.
Cisco Umbrella (formerly OpenDNS) offers something like this. They don’t really offer pre-built lists to block ads, but it is a resolver that you can pay for and get features. It’s based on your ISP IP address; if you pay you can give them your IP and then get features.
You can also use their resolvers for free, as they have some default blocklists that block ransomware servers, botnets, and other known malicious stuff.
Not a dumb question at all. There are only dumb answers.
But there are solutions. See previous replies.
Ain’t the whole reason behind Pi-hole to protect people’s privacy? Nothing to stop you using a VM online though, I guess, but it kinda defeats the purpose.
Nextdns actually is a Pihole. It’s just with a custom GUI. They never mention it but if you scroll all the way to the bottom they acknowledge Pi-hole’s trademark.
Just pay for it with ads…oh wait
Why would you assume most people don’t use the same blocks? I would assume that 99% mainly care about blocking ads on sites like YouTube. Only the 1% would need custom blocking.
They track you though.
CloudFlare 1.1.1.1 and the DNSCrypt project’s resolvers are the best places to look for fast no-logging DNS servers. If you also want the blocking, use PiHole.
NextDNS is closer to Pi-Hole, as it mostly offers all the same features but hosted. You can use it for your LAN or when on the go with companion apps.
If the previous replies were dumb answers, what is the non-dumb answer?
wouldn’t it be vulnerable to DNS poison attacks?
I tested it with dig and the authentication data flag doesn’t show for this domain sigok.ippacket.stream
Alternate DNS also has public servers
Works, but no logging or whitelisting. For me the oisd.nl blacklist on pihole at home, or nextdns on the go, works better.
I once tested AdGuard at work but it was not a success.
Except it wouldn’t be private.
I fubarred an iptables rule not too long ago and opened up my Pihole to the universe. It took minutes before the bots found me. Don’t do it.
The right way is to set up a VPN to your Pihole from your phone. This is actually how I got in trouble. I was opening UDP for OpenVPN and accidentally allowed ALL UDP. Anywho, OpenVPN, PiVPN, or WireGuard are all worth a look to let your phone have Pihole too.
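
An added example, not part of any post in this thread: a static check for the mistake described in the last comment, run over `iptables-save` output. It flags INPUT rules that accept new UDP traffic to port 53 from any source. The sample ruleset is constructed, the trusted interface names (`lo`, `tun0`, `wg0`) are assumptions, and user-defined chains are not followed.

```python
import shlex

# Constructed sample in iptables-save format (not taken from the thread).
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i tun0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A INPUT -p udp -j ACCEPT
COMMIT
"""

def port_matches(spec, port):
    """True if an iptables port spec ('53', '1:1024', '53,1194') covers port."""
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        hi = hi if sep else lo          # a single port is its own upper bound
        if int(lo or 0) <= port <= int(hi or 65535):
            return True
    return False

def exposed_dns_rules(ruleset, trusted_ifaces=("lo", "tun0", "wg0")):
    """Return INPUT ACCEPT rules that let any source reach UDP port 53."""
    findings = []
    for line in ruleset.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", "INPUT"] or tok[-2:] != ["-j", "ACCEPT"]:
            continue
        opts = {}
        for i in range(2, len(tok) - 2):
            # Negated matches ("! -s ...") are ignored, i.e. treated as no restriction.
            if tok[i].startswith("-") and tok[i - 1] != "!":
                opts[tok[i]] = tok[i + 1]
        state = opts.get("--ctstate") or opts.get("--state")
        if state and "NEW" not in state.split(","):
            continue                    # reply traffic only, not an open port
        if opts.get("-p", "all") not in ("udp", "all", "17"):
            continue
        if opts.get("-i") in trusted_ifaces:
            continue                    # loopback or VPN tunnel (assumed names)
        if opts.get("-s") not in (None, "0.0.0.0/0"):
            continue                    # restricted to a source network
        dport = opts.get("--dport") or opts.get("--dports")
        if dport is None or port_matches(dport, 53):
            findings.append(line)
    return findings

if __name__ == "__main__":
    print("\n".join(exposed_dns_rules(SAMPLE_RULES)))
```
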