This shows you the differences between two versions of the page.
internet:security:pihole [2021/01/16 21:33] gcooper |
internet:security:pihole [2023/02/03 11:00] (current) gcooper |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Pi-Hole DNS Sinkhole and Ad Blocker ====== | ====== Pi-Hole DNS Sinkhole and Ad Blocker ====== | ||
+ | |||
+ | <note tip>It may just be easier to use free AdGuard DNS servers... | ||
+ | |||
+ | https:// | ||
+ | </ | ||
https:// | https:// | ||
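Review bot: The added tip at the top of the page recommends AdGuard DNS as the easier option without stating the trade-off. Suggest one more sentence in the note saying that with a hosted resolver every client query is visible to the third party and the blocklists are no longer under local control, so readers can choose between the two setups knowingly.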
Line 16: | Line 21: | ||
**Blocklist List**: https:// | **Blocklist List**: https:// | ||
+ | |||
+ | ===== Flush DNS Cache ===== | ||
+ | |||
+ | < | ||
+ | pihole restartdns reload-lists | ||
+ | </ | ||
===== Update ===== | ===== Update ===== | ||
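Review bot: The new "Flush DNS Cache" heading does not match the command under it: per the pihole help text, "pihole restartdns reload-lists" updates the lists without flushing the cache, while "pihole restartdns reload" updates the lists and flushes the cache. Either change the command to the reload form or rename the section to something like "Reload Lists".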
Line 47: | Line 58: | ||
< | < | ||
CC_ALLOW_PORTS = US | CC_ALLOW_PORTS = US | ||
- | CC_ALLOW_PORTS_TCP = 53,22222 | + | CC_ALLOW_PORTS_TCP = 53,22 |
CC_ALLOW_PORTS_UDP = 53 | CC_ALLOW_PORTS_UDP = 53 | ||
</ | </ | ||
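Review bot: The changed CC_ALLOW_PORTS_TCP line replaces 22222 with 22 with no explanation, so a reader cannot tell whether SSH was moved back to the default port or the value is a typo. If the change is intended, say so next to the block and note that port 22 is then reachable from every address in the CC_ALLOW_PORTS country, which makes it worth stating the expected SSH hardening (key-only logins or a narrower source allowlist) here as well.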
Line 53: | Line 64: | ||
==== Botnet Attack ==== | ==== Botnet Attack ==== | ||
- | We use CSF firewall for bastion hosts. | + | === IP Address List === |
- | :!: '' | + | :!: You can use this with Mikrotik routers and other devices. |
- | Create an IP list from the last two days: | + | Create an IP list from the last two days using '' |
< | < | ||
- | cat / | + | cat / |
- | cat / | + | cat / |
</ | </ | ||
+ | |||
+ | === CSF === | ||
+ | |||
+ | We use CSF firewall for bastion hosts. | ||
+ | |||
+ | :!: '' | ||
RegEx to find IP of attacker of ELDERJUSTICE.GOV: | RegEx to find IP of attacker of ELDERJUSTICE.GOV: | ||
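Review bot: The new "IP Address List" subsection tells readers to build an IP list from two days of logs and reuse it on Mikrotik routers and other devices, but it has no step for reviewing the list before it is loaded anywhere. Suggest adding a line about removing your own admin and known client addresses and de-duplicating the output first, since a list applied on a router can lock out legitimate users. Also check that the unchanged "RegEx to find IP of attacker" line still belongs under the new "=== CSF ===" heading it now follows, rather than under the list-building subsection.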
Line 93: | Line 110: | ||
</ | </ | ||
- | Reboot needed? | + | Restart CSF: |
- | ===== All Around | + | < |
+ | csf -ra | ||
+ | </ | ||
+ | |||
+ | ===== Recursive | ||
<note important> | <note important> | ||
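Review bot: The section heading is renamed from "All Around ..." to "Recursive ...", but the body text further down still reads "The All Around DNS Solution adds **recursion**", so the page now uses two names for the same thing. Update that sentence to match the new heading, or keep the old name in the heading in parentheses. Replacing "Reboot needed?" with the explicit "csf -ra" step is a clear improvement; a short note that this restarts both the firewall rules and lfd would help readers who run it over a remote session.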
Line 105: | Line 126: | ||
The All Around DNS Solution adds **recursion**. | The All Around DNS Solution adds **recursion**. | ||
+ | ===== Exclude Some Clients ===== | ||
+ | |||
+ | :!: Use the **firewall** to block abusive external (recursive) clients. | ||
+ | |||
+ | https:// | ||
+ | |||
+ | ===== Troubleshooting ===== | ||
+ | |||
+ | If the admin web interface gets wonky, try this as a temporary fix: | ||
+ | |||
+ | < | ||
+ | pihole -f | ||
+ | </ | ||
+ | |||
+ | Also try giving PHP more RAM. The default is 128M, but you can give a lot more depending on your server' | ||
+ | |||
+ | < | ||
+ | vim / | ||
+ | |||
+ | memory_limit = 1024M | ||
+ | </ |
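Review bot: In the new Troubleshooting section, "pihole -f" is offered as a temporary fix without saying that it flushes the Pi-hole log, which discards query history that the Botnet Attack section may rely on when building an IP list from recent logs. Suggest stating that side effect and recommending a copy of the log first if an investigation is in progress. For the memory_limit change, name which PHP configuration is being edited (web server versus CLI) and add the service restart needed for the new value to take effect.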