Every device on your network is bombarded 24/7 with malware, banner ads, pop-ups, and activity-tracking scripts. All that extra cruft slows down your browsing. But with a bit of tinkering, you can program a tiny and cheap Raspberry Pi computer to block this noisome dross. Follow these instructions to install the free program Pi-hole, which checks all incoming data against blacklists of your choosing before deciding whether the packets should be passed on to your devices. It’s more efficient than a standard ad blocker; the filtering works across every device on your network, banishing ads, trackers, and malicious code from phones, iPads, PCs, game consoles, Rokus, and even smart TVs.
STEP BY STEP
What You’ll Need
- Raspberry Pi ($35) with the free Raspberry Pi OS software installed
- Home network router (either the one from your ISP or your own—we like the TP-Link AX6000)
- Mac or Windows PC for installing and controlling Pi-hole
- Comfort typing into a command-line interface (nothing too hairy, we promise)
1. Get the Software
With the Pi and your computer on the same network, open a terminal window (use Terminal on Macs; Command Prompt on Windows) and connect to the Pi using SSH. The secure protocol sends commands from one computer to another; find instructions at Raspberrypi.org to help with this. Next, type the command below to install Pi-hole, selecting the default options and writing down any network info you see:
curl -sSL https://install.pi-hole.net | bash
2. Make Your List
Close the terminal window; we’re done with the command line. (See, that wasn’t so bad.) Open a web browser and navigate to http://pi.hole. This is where you’ll control Pi-hole and decide what to block and what to allow. You’ll see some default options to block the most egregious trackers on the internet, but you can always fine-tune things to suit your needs by adding the web addresses where specific services live. Try nuking ads in Twitch or blocking Alexa requests so your kids can’t summon pizzas or Ubers. Pi-hole.net and the r/pihole subreddit are great places to find web addresses to add to your blacklist.
3. Reroute the Traffic
Keep your Pi-hole powered on and connected to your network; plug it directly to your router if you can. Now open your router’s control panel in a web browser (consult your router’s documentation for this part) and look for your network’s DHCP/DNS settings for your LAN—not your WAN. In the DNS field, type in the IP address of your Raspberry Pi. (You wrote it down earlier, right?) This will force all inbound data to go through the Pi and get checked against your lists before going out to your devices. Now restart your networked devices one by one; this forces them to reconnect to the internet through the Pi-hole.
If Firefox is your browser of choice, there’s one extra step. Depending on your configuration, that browser may ignore your local DNS server and instead use DNS over HTTPS, also called DoH. There are some additional settings you’ll need to tweak; find those instructions in the official Pi-hole documentation.
That’s it. You’re up and running with Pi-hole. Want to see how much gunk you’re now blocking? Check out the dashboard at pi.hole/admin.
If you buy something using links in our stories, we may earn a commission. Learn more.
This article appears in the October issue. Subscribe now.
More Great WIRED Stories