This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
internet:security:pihole [2021/02/06 14:17] gcooper |
internet:security:pihole [2023/02/03 11:00] (current) gcooper |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Pi-Hole DNS Sinkhole and Ad Blocker ====== | ====== Pi-Hole DNS Sinkhole and Ad Blocker ====== | ||
+ | |||
+ | <note tip>It may just be easier to use free AdGuard DNS servers... | ||
+ | |||
+ | https:// | ||
+ | </ | ||
https:// | https:// | ||
Line 20: | Line 25: | ||
< | < | ||
- | pihole restartdns | + | pihole restartdns |
</ | </ | ||
Line 53: | Line 58: | ||
< | < | ||
CC_ALLOW_PORTS = US | CC_ALLOW_PORTS = US | ||
- | CC_ALLOW_PORTS_TCP = 53,22222 | + | CC_ALLOW_PORTS_TCP = 53,22 |
CC_ALLOW_PORTS_UDP = 53 | CC_ALLOW_PORTS_UDP = 53 | ||
</ | </ | ||
Line 59: | Line 64: | ||
==== Botnet Attack ==== | ==== Botnet Attack ==== | ||
- | We use CSF firewall for bastion hosts. | + | === IP Address List === |
- | :!: '' | + | :!: You can use this with Mikrotik routers and other devices. |
- | Create an IP list from the last two days: | + | Create an IP list from the last two days using '' |
< | < | ||
Line 69: | Line 74: | ||
cat / | cat / | ||
</ | </ | ||
+ | |||
+ | === CSF === | ||
+ | |||
+ | We use CSF firewall for bastion hosts. | ||
+ | |||
+ | :!: '' | ||
RegEx to find IP of attacker of ELDERJUSTICE.GOV: | RegEx to find IP of attacker of ELDERJUSTICE.GOV: | ||
Line 99: | Line 110: | ||
</ | </ | ||
- | Reboot needed? | + | Restart CSF: |
+ | |||
+ | < | ||
+ | csf -ra | ||
+ | </ | ||
===== Recursive DNS ===== | ===== Recursive DNS ===== | ||
Line 110: | Line 125: | ||
The All Around DNS Solution adds **recursion**. | The All Around DNS Solution adds **recursion**. | ||
+ | |||
+ | ===== Exclude Some Clients ===== | ||
+ | |||
+ | :!: Use the **firewall** to block abusive external (recursive) clients. | ||
+ | |||
+ | https:// | ||
===== Troubleshooting ===== | ===== Troubleshooting ===== | ||
- | If the admin web interface gets wonky: | + | If the admin web interface gets wonky, try this as a temporary fix: |
< | < | ||
pihole -f | pihole -f | ||
+ | </ | ||
+ | |||
+ | Also try giving PHP more RAM. The default is 128M, but you can give a lot more depending on your server' | ||
+ | |||
+ | < | ||
+ | vim / | ||
+ | |||
+ | memory_limit = 1024M | ||
</ | </ |