All works great except for whitelisting.

Please follow the below template, it will help us to help you!

Expected Behaviour:

I input a domain name into the Admin Interface, under the “Whitelist” tab and that site should have ads come through again.

Actual Behaviour:

No matter what site I add to the Whitelist, ads still do not go through. This gives me problems with certain sites.

Debug Token:

https://tricorder.pi-hole.net/g6uw33h7dx

Please provide a specific example of a domain added to the whitelist that continues to be blocked. Output from /var/log/pihole.log would be helpful.

Apologies, but how would do I get you output from “/var/log/pihole.log”. New to pi-hole and linux commands in general.

You can upload it to tricorder and post output(token) here:

nc tricorder.pi-hole.net 9999 < /var/log/pihole.log

I honestly still don’t understand what I have to do. I’m sorry. Do I input something into the command line interface portion?

Yes thats the general idea.
Run the commands in a Bash shell/session:

A Bash session or shell can be started remotely via network using an SSH client:

That way you can access Pi-hole via bash command prompt but still have all your local desktop features/software available.
On Pi-hole make sure the SSH daemon/service is enabled/started at boot with below ones:

sudo systemctl enable ssh

sudo systemctl start ssh

On Linux and MacOS, an SSH client most of the times is already installed and you can use below command to loginto Pi-hole with the “pi” username:

ssh -l pi <PI-HOLE_IP_ADDRESS>

For Windows, PuTTY is a popular SSH client:

https://putty.org/

Advantage of connecting remotely via SSH is that you can copy paste commands from here and copy paste the output back to this Discourse forum.

Ps. you can adjust the upload command to upload only the last 100 lines from that /var/log/pihole.log file.
So you first browse to the troubled site and afterwards you run below one and post the outcome here on discourse to supply the devs/mods with the unique token:

tail -100 /var/log/pihole.log | nc tricorder.pi-hole.net 9999

If you want to live tail that log file to see yourself what lines are logged while browsing:

pihole -t

The tail command probably needs elevated privileges(sudo):

sudo tail -100 /var/log/pihole.log | nc tricorder.pi-hole.net 9999

That is not a command. That is a file location, and nothing to execute, since it is a text file.

To see the contents of the file, use the cat command prior to the filename.

cat /var/log/pihole.log

This will give you the entire log, which starts at midnight each day. If you want the front of the log, you would use head instead of cat, for the end of the log, use tail instead of cat.

You can also filter the ouput by piping the output through grep search. If I were to look for all instances of the word apple in the log, the command would be as follows, for example.

cat /var/log/pihole.log | grep apple

What is the domain that you have whitelisted but does not load?

techspot.com for example. I’ve whitelisted it and it loads just fine but ads are still blocked. Normally this wouldn’t bother me but some sites I would like to whitelist for performance reasons for example.

sudo tail -100 /var/log/pihole.log

Dec  2 19:28:07 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:07 dnsmasq[4086]: reply fonts.gstatic.com is <CNAME>
Dec  2 19:28:07 dnsmasq[4086]: reply gstaticadssl.l.google.com is 2607:f8b0:4009:803::2003
Dec  2 19:28:07 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:07 dnsmasq[4086]: reply fonts.gstatic.com is <CNAME>
Dec  2 19:28:07 dnsmasq[4086]: reply gstaticadssl.l.google.com is 2607:f8b0:4009:800::2003
Dec  2 19:28:07 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:07 dnsmasq[4086]: reply fonts.gstatic.com is <CNAME>
Dec  2 19:28:07 dnsmasq[4086]: reply gstaticadssl.l.google.com is 172.217.0.3
Dec  2 19:28:09 dnsmasq[4086]: query[A] www.techspot.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: forwarded www.techspot.com to 149.112.112.112
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] www.techspot.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: forwarded www.techspot.com to 149.112.112.112
Dec  2 19:28:09 dnsmasq[4086]: query[A] fonts.googleapis.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: forwarded fonts.googleapis.com to 149.112.112.112
Dec  2 19:28:09 dnsmasq[4086]: query[A] www.techspot.com from 192.168.0.230
Dec  2 19:28:09 dnsmasq[4086]: forwarded www.techspot.com to 149.112.112.112
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] www.techspot.com from 192.168.0.230
Dec  2 19:28:09 dnsmasq[4086]: forwarded www.techspot.com to 149.112.112.112
Dec  2 19:28:09 dnsmasq[4086]: query[A] fonts.googleapis.com from 192.168.0.230
Dec  2 19:28:09 dnsmasq[4086]: forwarded fonts.googleapis.com to 149.112.112.112
Dec  2 19:28:09 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:09 dnsmasq[4086]: reply fonts.googleapis.com is 172.217.1.42
Dec  2 19:28:09 dnsmasq[4086]: query[A] static.techspot.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: cached static.techspot.com is <CNAME>
Dec  2 19:28:09 dnsmasq[4086]: forwarded static.techspot.com to 149.112.112.112
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] static.techspot.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: cached static.techspot.com is <CNAME>
Dec  2 19:28:09 dnsmasq[4086]: cached techspot-static-xjzaqowzxaoif5.stackpathdns.com is NODATA-IPv6
Dec  2 19:28:09 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:09 dnsmasq[4086]: reply www.techspot.com is 2607:f0d0:1301:b::3
Dec  2 19:28:09 dnsmasq[4086]: reply www.techspot.com is 2606:2e00:0:a0::4
Dec  2 19:28:09 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:09 dnsmasq[4086]: reply www.techspot.com is 174.127.84.118
Dec  2 19:28:09 dnsmasq[4086]: reply www.techspot.com is 184.173.241.68
Dec  2 19:28:09 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:09 dnsmasq[4086]: reply www.techspot.com is 184.173.241.68
Dec  2 19:28:09 dnsmasq[4086]: reply www.techspot.com is 174.127.84.118
Dec  2 19:28:09 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:09 dnsmasq[4086]: reply www.techspot.com is 2606:2e00:0:a0::4
Dec  2 19:28:09 dnsmasq[4086]: reply www.techspot.com is 2607:f0d0:1301:b::3
Dec  2 19:28:09 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:09 dnsmasq[4086]: reply fonts.googleapis.com is 172.217.9.42
Dec  2 19:28:09 dnsmasq[4086]: query[A] static.techspot.com from 192.168.0.230
Dec  2 19:28:09 dnsmasq[4086]: cached static.techspot.com is <CNAME>
Dec  2 19:28:09 dnsmasq[4086]: forwarded static.techspot.com to 149.112.112.112
Dec  2 19:28:09 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:09 dnsmasq[4086]: reply static.techspot.com is <CNAME>
Dec  2 19:28:09 dnsmasq[4086]: reply techspot-static-xjzaqowzxaoif5.stackpathdns.com is 151.139.241.2
Dec  2 19:28:09 dnsmasq[4086]: query[A] www.googletagservices.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list www.googletagservices.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: validation result is INSECURE
Dec  2 19:28:09 dnsmasq[4086]: reply static.techspot.com is <CNAME>
Dec  2 19:28:09 dnsmasq[4086]: reply techspot-static-xjzaqowzxaoif5.stackpathdns.com is 151.139.241.2
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] www.googletagservices.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list www.googletagservices.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] www.googletagmanager.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list www.googletagmanager.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] www.googletagmanager.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list www.googletagmanager.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] coordinatedcub.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list coordinatedcub.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] coordinatedcub.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list coordinatedcub.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] c.amazon-adsystem.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list c.amazon-adsystem.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] c.amazon-adsystem.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list c.amazon-adsystem.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] www.google-analytics.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list www.google-analytics.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] www.google-analytics.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list www.google-analytics.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] sb.scorecardresearch.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list sb.scorecardresearch.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] sb.scorecardresearch.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list sb.scorecardresearch.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] cdn.static.zdbb.net from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list cdn.static.zdbb.net is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] cdn.static.zdbb.net from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list cdn.static.zdbb.net is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] secure-us.imrworldwide.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list secure-us.imrworldwide.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] secure-us.imrworldwide.com from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list secure-us.imrworldwide.com is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] ns.zdbb.net from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list ns.zdbb.net is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] ns.zdbb.net from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list ns.zdbb.net is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] securepubads.g.doubleclick.net from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list securepubads.g.doubleclick.net is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] securepubads.g.doubleclick.net from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list securepubads.g.doubleclick.net is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[A] gurgle.zdbb.net from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list gurgle.zdbb.net is 0.0.0.0
Dec  2 19:28:09 dnsmasq[4086]: query[AAAA] gurgle.zdbb.net from 2601:246:200:169b:d64:d338:45ed:bd1c
Dec  2 19:28:09 dnsmasq[4086]: /etc/pihole/gravity.list gurgle.zdbb.net is 0.0.0.0
Dec  2 19:28:12 dnsmasq[4086]: query[A] tricorder.pi-hole.net from 127.0.0.1
Dec  2 19:28:12 dnsmasq[4086]: cached tricorder.pi-hole.net is 107.170.224.181
Dec  2 19:28:12 dnsmasq[4086]: query[AAAA] tricorder.pi-hole.net from 127.0.0.1
Dec  2 19:28:12 dnsmasq[4086]: cached tricorder.pi-hole.net is 2604:a880:1:20::1449:8001

Your output from the pihole log shows that techspot.com is not being blocked by Pi-Hole. The ads are coming from a different domain. Use these tools to determine where and then whitelist as applicable. Note that if whitelist a domain that is serving ads on that site, that same domain will be whitelisted for all sites and will serve ads on those sites as well.

Thing is, when I installed PiHole Months back (Back In version 3.xx) I remember Whitelisting working for individual websites and not having any further troubles. Has something in pi-hole changed in these last versions to change this and if so why? (sorry just trying to get an understanding). I actually did read the link you posted in a few days back and what it said made sense, I just don’t understand why pi-hole couldn’t allow them to work on one website but not all universally. Thank you.

Pi-Hole has not changed in this regard and has always applied blocking of any domain equally across all sites and clients.

So basically if I had to enable Twitter Ads on one site, it would be enabled on all. I’m still not sure why it couldn’t just selectively enable/disable them on a certain website. Not looking to you for answers, just thinking out loud.

But yeah I do remember whitelisting certain sites and ads going through. Ah well. It is what it is I guess. Thank you again for going through these steps with me and explaining everything.

Pi-Hole is a domain blocker. It receives a never-ending string of DNS queries from all connected clients. None of these are in context with any related website, and Pi-Hole is unaware of anything your browser is doing other than making DNS requests.

Pi-Hole receives a DNS query and evaluates it agains the blocklist. If blocked, 0.0.0.0 is returned. If not, then the IP is returned.

To selectively block or not block on a particular website, you will need to install a proxy-based blocker, something like uBlock Origin. This works at the browser level and is aware of the site being loaded as well as particulars of the html code being loaded.

This makes sense.