I started with a fresh VM with Ubuntu 20.04 LTS, with one vCPU, 2GB of RAM, and a 25GB hard disk drive. First thing is to check for updates, execute all upgrades, and remove any flack leftover per my norm:
sudo apt update && sudo apt upgrade -y && sudo apt autoremove -y
Next we elevate ourselves and execute the script from the Pi-Hoe project as root:
sudo su
curl -sSL https://install.pi-hole.net | bash
Now you should be able to navigate to http://IP_OF_YOUR_PIHOLE/admin
Next, I have a set of Blacklists I use to keep my Pi-Hole and network in a manageable way. You’ll add these under Group Management > Adlists:
https://hosts-file.net/exp.txt
https://hosts-file.net/emd.txt
https://hosts-file.net/psh.txt
https://www.malwaredomainlist.com/hostslist/hosts.txt
https://v.firebog.net/hosts/Airelle-hrsk.txt
https://v.firebog.net/hosts/Shalla-mal.txt
https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/LY_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/TC_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/TL_C2_DOMBL.txt
http://www.networksec.org/grabbho/block.txt
https://isc.sans.edu/feeds/suspiciousdomains_Medium.txt
http://someonewhocares.org/hosts/hosts
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
http://www.joewein.net/dl/bl/dom-bl.txt
https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/hosts
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt
https://v.firebog.net/hosts/static/SamsungSmart.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://v.firebog.net/hosts/Easyprivacy.txt
https://hosts-file.net/ad_servers.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://gist.githubusercontent.com/anudeepND/adac7982307fec6ee23605e281a57f1a/raw/5b8582b906a9497624c3f3187a49ebc23a9cf2fb/Test.txt
https://v.firebog.net/hosts/Easylist.txt
https://v.firebog.net/hosts/AdguardDNS.txt
Finally, we want more frequent updates to our gravity lists. By default, the Pi-hole cron job runs on Sunday at a random time in the morning. To get a fresh block list each day, we need to increase the update frequency as the following:
sudo nano - c /etc/cron.d/pihole
Locate the line:
25 3 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
Replace number 7 (Sunday) with * (every day). Your new entry should look like this:
25 3 * * * root PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
For all this to work, don’t forget you’ll need to deploy one more for redundancy and update your DHCP server on your router/switch/server to use the new Pi-Hole DNS servers. Now you can just make some of your own custom changes, add your domains, and start browsing a little more safety without so many interruptions.