Although I don’t manage my own network as a family member who manages it all, I’ve always been interested in network security; is really interesting to me along with its components: encryption, coding and radio signals. I have heard about Pi-hole many timeshowever, I never knew how to install it, so when I finally decided to try it, I was shocked at how easy it was to install. Me during the pi-hole raid I learned about DNS-over-HTTPSaka DoH and why it’s important so I built it. After doing this, I have no regrets: my internet speed is the same, if not faster, and I get secure routing. How I set up Pi-hole, how I set up DoH and the benefits of both.
What is a pi-hole?
The pi-hole is a really useful tool and very easy to set up
First, Pi-hole is a program that is often installed on Raspberry Pis — specifically, a DNS server —blocking certain traffic. This is useful for restricting access to YouTube for young children if you don’t want them to watch videos that are inappropriate for their age. It’s a really powerful tool and it’s popular for good reason; I didn’t think it could live up to the hype, but I’m kicking myself for not trying it sooner.
Pi-hole is also popular because it allows you to block ads on the entire network. Using it, you can automatically block ads, adult content, and malware from your web dashboard entirely. It’s fast, flexible, and uses very few resources because it’s designed for the Raspberry Pi. Nevertheless, it’s on par with enterprise-grade tools in terms of functionality, which is really impressive. Plus, it’s open source, which is a big plus.
Installing a pi-hole is really simple. First, you open a terminal and a web browser. Next, go to the Pi-hole web page, copy the command shown and enter it in the terminal. Finally, click Enter it and follow the dialogs that appear. It’s really quite simple to do, which is another benefit on top of the pile. It’s truly a hassle-free experience.
DNS over HTTPS
It was really easy to set up using Terminal and WebGUI
Setting up the DoH was very quick and easy to say the least. I followed the instructions in the official Pi-Hole documentation, including updating my compatible repositories and installing the dnscrypt-proxy package. Then run away
sudo systemctl edit dnscrypt-proxy.socketand make sure it is not using a port already in use by other services.
Next, edit the /etc/dnscrypt-proxy/dnscrypt-proxy.toml file and set the server_names property to the DoH DNS servers of your choice. Then, you execute the command
sudo pihole-FTL --config dns.upstreams '("127.0.0.1#5053")'. Finally, rebootdnscrypt-proxy.socket, dnscrypt-proxy.serviceand pihole-FTL.serviceusing systemctl.
To double check that the installation is working, you should check the status of each of them and then in the WebGUI Settings -> DNS and under “Top DNS Servers” check all the boxes for public DNS servers, make sure the IP address and Port are in the text box and click “Save”. Now DoH is completely set up and ready to use!
Why is DoH so important?
DoH is an important part of security in your home network
You may already know what a VPN is and does, but if you don’t, a VPN is software designed to encrypt traffic and access a network, often the Internet, through a computer on another network, often in another country. This is useful because it allows you to hide your traffic from your ISP and anyone monitoring your network. However, VPNs are often very slow, which can be a problem for some.
However, since HTTPS already encrypts traffic, a more suitable alternative is to encrypt DNS over HTTPS. Then all the ISPs can see are the IPs and ports of the destination sites, which are often used by many pages (especially sites protected from DDoS by Cloudflare), making it almost impossible to trace your traffic. And that’s exactly what DoH is: it encrypts your DNS requests as just another HTTPS web page request, making it almost completely impossible for your ISP to track you.
Some people may not care online safety — your neighbors and parents probably aren’t worried about your online activitiesbeing tracked – but as a technologist I know that privacy – what little you can still get – is very important. I don’t know why I didn’t try this sooner considering the speeds didn’t drop at all.
- OS
-
Linux
- Price model
-
Free
Pi-hole is a network-wide ad blocker that supports DNS-over-HTTPS and comes pre-installed with blocklists for ads, malware, and trackers. It runs on your Raspberry Pi or server and uses very few resources.
DoH is a boon for network security
Building DoH was one of the best uses of my time to improve my network. Pi-hole means I don’t see ads and DoH means my ISP can’t see traffic. I highly recommend it – if you have one setting up a new networkor if you want better security of your current one, definitely install it!
