Free Public Pi-hole

Pi-hole is Network-Wide Ad Blocker that blocks ads of all sorts at the router level. It blocks advertisements on any device and improves overall network performance. For more information, watch this short video below.

For those of you who don’t own a Raspberry Pi, I’ve setup two internet facing Pi-hole servers. Both are running from a Virtual Private Server (VPS) in a datacenter, so no worries about latency or bandwidth issues. The exact details are as follows

Primary Pi-hole/DNS-server:

Secondary Pi-hole/DNS-server:

General Information & Settings:

Disclaimer:

  • The Public Pi-holes are operated by me, Freek. I hold internet security, net neutrality and privacy in high regard. This is why I’m providing this service.
  • Although being completely free, you are not ‘the product’; your data will never be shared or sold to third parties.
  • This service is provided without any warranty and I renounce liability for any claim, damages or other liability arising from the use of this service.

Follow these steps to get started: https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245Comments or suggestions? Let me know in the comments :)

42 thoughts on “Free Public Pi-hole

  1. Hi, thanks for the public pihole server. Much appreciated. Could you please enable ip v6 as well? I notice sone ads are getting through and they are usually on ip v6.

    Thanks!

    1. Thanks for your suggestion! I’m quite busy at the moment, but I’ll put it on my todo list :) My VPS already has IPv6 support so it shouldn’t cost too much time to implement, probably just some firewall rules and re-running the pi-hole setup. ETA is about 1 month, please check back by then!

  2. Hi, thanks for the public pihole server. Much appreciated. Could you please enable ip v6 as well? I notice sone ads are getting through and they are usually on ip v6.

    Thanks!

    1. Thanks for your suggestion! I’m quite busy at the moment, but I’ll put it on my todo list :) My VPS already has IPv6 support so it shouldn’t cost too much time to implement, probably just some firewall rules and re-running the pi-hole setup. ETA is about 1 month, please check back by then!

    1. Yes, you’re totally right :) I’m already using Let’s Encrypt but something went wrong with the automatic renewal of the certificates. I’m quite busy at the moment, so I’ll put it on my todo list as well. In the mean time you can access the stats page using http, it doesn’t need any credentials anyways so. The server that is running Pi-Hole itself is still getting automatic (security) updates so no worries there.

    2. I’ve fixed the automatic certificate renewal. The certificate warning should now be gone. Sorry for the inconvenience!

  3. Another public pihole is located at XX.XX.XX.XX [DEAD – Removed by Freek @ 21-11-2017] can be added as second DNS

    Is there someone that can provide me a free vps with static IP to host a better performing public pihole

      1. Indeed, the Pi-Hole by Sander Stomp is not working any longer. I therefore removed it from his comment.
        However my Pi-Hole is still up and running. I suggest you use that one. I will set-up a secondary node in the beginning of December for redundancy.

  4. I have a pihole running on a VPS also, but not opened to the public so far.
    Could you probably post what you did to harden your installation? I’m grateful for any best practise hint.

    1. Sorry for the delayed reply.

      In order to harden your Pi-Hole installation, or any Linux Server installation for that matter, I suggest the following;

      Install Fail2ban, Lock Down SSH, Disable root & Enable sudo, Set Up A Firewall (ports 22, 53, 80 and 443 are all you need) and Enable Automatic Security Updates. Last but not least, set a strong password for the Pi-Hole webinterface :)

      For more information visit: https://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers and/or https://www.codelitt.com/blog/my-first-10-minutes-on-a-server-primer-for-securing-ubuntu/

      For more hardening tips and tricks, to take a look at https://www.thefanclub.co.za/how-to/how-secure-ubuntu-1604-lts-server-part-1-basics

    1. Thanks for your comment! Many of those lists from your link are already in use by my Pi-Hole :) However, before adding new-ones, I carefully test them in my own environment to make sure they don’t contain false-positives or block too much stuff that breaks ‘the internet’.

  5. I work at a small company and we have over 3000 customers. Can I set all client to use this VPS Pihole? I can do it on our DHCP server end in 2 seconds.

    1. Hi! Thanks for your message! Feel free to do so, but please keep in mind that it is currently non-redundant. However, I’m trying to setup a second PiHole asap. I’ll keep you guys posted on my blog!

  6. Hi Freek,
    Do your ad-lists change often?
    I’ve just setup a pi-hole and was going to use your ad-list but weren’t sure how to go about maintaining them. If I just need to copy them and that’s it that would be great!

    1. Hi! No, not really. I’m still using the same ad-lists as in the Pastebin link, but I do periodically check if there are any new/better ad-lists around. Additionally, I add websites to the whitelist (or blacklist) manually if I encounter any issues. Kind regards.

    1. I am aware of the issues with the DNS server. I will try to fix them this Monday, the 29th of January. I am short on time at the moment, sorry. I will also try to setup a secondary server for redundancy

    1. Thanks for your comment. 106.51.116.105 is running Pi-hole as far as I can see, but 1.1.1.1 is not because it’s the new DNS service operated by Cloudflare. Please do note that I do NOT own, operate or endorse the use of 106.51.116.105 and cannot comment or vouch for it’s creditability nor stability. Use at your own risk, you have been warned!!

    1. I don’t maintain the blacklists, they are maintained by third (community) parties. I just checked, bbc.com is not on there. It might be a temporary false-positive listing, as they are updated multiple times a week. Please check and let me know. Thanks!

    1. Thanks for letting me know. I’ve removed the entire Canvas.txt list by CHEF-KOCH due to multiple false positives in this list. Thanks!

    1. I’m sorry, that list format is not compatible with Pi-hole :( Pi-hole needs hostnames, not patterns. Sorry!

  7. How you handle DDOS attacks?

    I am getting below requests on my pi-hole continuously, seems like my server is used to amplify the attack.

    Surprisingly the IP is not getting updated in Top Clients list of Pi-hole, only when I checked the pihole.log I found it.

    Jul 18 06:27:02 dnsmasq[1076]: 45447 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45447 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45448 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45448 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45449 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45449 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45450 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45450 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45451 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45451 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45452 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45452 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45453 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45453 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45454 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45454 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45455 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45455 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45456 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45456 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45457 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45457 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45458 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45458 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45459 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45459 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45460 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45460 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45461 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45461 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45462 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45462 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45463 103.197.69.47/57098 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45463 103.197.69.47/57098 forwarded access-board.gov to 1.1.1.1
    Jul 18 06:27:02 dnsmasq[1076]: 45464 103.197.69.47/46358 query[ANY] access-board.gov from 103.197.69.47
    Jul 18 06:27:02 dnsmasq[1076]: 45464 103.197.69.47/46358 forwarded access-board.gov to 1.1.1.1

  8. Hello Freek,

    are you experiencing problems with the 4.0 update? i am unable to use the service

    regards, Louike

    1. Hi Louike,
      Yes, Pihole-NL is having major issues since the update to Pihole 4.0, therefore I suggest only using Pihole-UK which is still on Pihole 3.
      I am thinking of revamping the entire infrastructure. Now, I am running Pihole baremetal. I am thinking of running in it Docker containers so I am sure stuff keeps woring after every update and it stays up to date automatically using Watchtower. Moreover I am looking into Kubernetes so I can scale up easily when needed. This requires some extensive configuration and setup so I am still reading into all of this what the best approach might be.

      1. Thanks for your reply, i wil start using 185.187.240.11 as the primairy dns server on my devices.

Leave a Reply

Your email address will not be published. Required fields are marked *