Pi-hole protects your devices from unwanted content, such as advertisements and tracking, without installing any client-side software. Instead of installing adblockers on every device and every browser, you can install Pi-hole once on your network and it will protect all of your devices. Because it works differently than a browser-based ad-blocker, Pi-hole also block ads in non-traditional places, such as in games and on smart TVs.
Pi-hole is free software but needs a device to run on, for example a Raspberry Pi or Linux machine. However, many people do not have the technical know-how to setup their own DNS server, so I created Public-Pihole.com. The Public-Piholes are available for use by anyone, free of charge.
In case a legitimate website is being blocked, please file a whitelist request
Yes. DNS queries together with their originating client IP address are stored for 24 hours to protect against DNS amplification attacks. This is an automated process performed by fail2ban and requires no human interaction. I.e. I will NOT be sniffing through the logs.
Rest assured that I will never sell or share your data with any third party. I have no desire to impose on you and zero interest in trying to do anything with your private details.
All Public Piholes use their own, local, recursive DNS server, powered by unbound. The reason for that is simple:
Pi-hole includes a caching and forwarding DNS server, now known as FTLDNS. After applying the blocking lists, it forwards requests made by the clients to configured upstream DNS server(s). However, as has been mentioned by several users in the past, this leads to some privacy concerns as it ultimately raises the question: Whom can you trust? Recently, more and more small (and not so small) DNS upstream providers have appeared on the market, advertising free and private DNS service, but how can you know that they keep their promises? Right, you can't.
Furthermore, from the point of an attacker, the DNS servers of larger providers are very worthwhile targets, as they only need to poison one DNS server, but millions of users might be affected. Instead of your bank's actual IP address, you could be sent to a phishing site hosted on some island. This scenario has already happened and it isn't unlikely to happen again...
When you operate your own (tiny) recursive DNS server, then the likeliness of getting affected by such an attack is greatly reduced.
The following whitelists are in use on all Public Pi-holes:
In case a legitimate domain is missing and being blocked, please file a whitelist request
Yes, all Pi-holes pass the DNS Nameserver Spoofability Test by GRC, which checks for Cache Poisoning.
After configuring your device to use my DNS servers, go to dnsleaktest.com and run a standard (or extended) test.
ONLY *.public-pihole.com should show up as hostname(s) the results table, like shown below.
See the details on the DNS Servers page. Alle Pi-holes are placed on fast uplinks in professional data centers operated by Scaleway and OVH.
My provider, Scaleway, only has French IPs, but are routed through The Netherlands if assigned to a Dutch Virtual Private Server (VPS).
However, I can assure you, the VPS is physically located in The Netherlands (Amsterdam).
To stay updated about service outages, announcements and updates, subscribe to the Telegram channel.
No. This service is provided based on best effort.
Additionally, it's provided without any warranty and I renounce liability for any claim, damages or other liability arising from the use of this service.
The Netherlands and France each have 2 vCPUs, 2GB RAM and a local SSD.
Canada and Singapore each have 1 vCPU, 2GB RAM and a local SSD.
All instances run Ubuntu Server 18.04 LTS.
The installation of each instance was done in an automated way using Ansible, to save time and reduce human error. The Ansible playbook was written by myself and is open-source. It can be found at my Github account.