How careful should I be adding blocklists?

I'm not familiar with the backend of how Pi-hole adds blocklists. Does it download a copy of the file and analyze it? If it downloads a copy, then it would be theoretically possible for someone to put malicious software in the file, and for it to then infect the machine.

Does it handle importing the domains in a different way, such that viruses and malware are not a concern?

For now, I'm being extremely careful and picky about which blocklists I add, only adding well-known and tested ones. I know this is best practice, as a poorly made blocklist can cause more harm than good, regardless of whether or not it has malware, but there are some lesser-known third party blocklists I would like to add. I just want to make sure I'm not going to give my Pi-hole machine a virus or anything by adding a blocklist.

I only trust reliable sources of lists. There is checking done by the gravity update process but that is on the record structure. Here is a site that has a good source of reliable lists:

Yes. We retrieve the list at the specified URL, strip any leading IP's and save the remaining domains (1 per line) into gravity. Lines that do not contain valid entries are rejected.

We don't process anything other than domain names. No executables, etc.

Imported domains go into the SQL database /etc/pihole/gravity.db. This file is searched when a client requests a domain - if the domain is in this file, the domain is blocked.

1 Like

This looks pretty good. Thank you for the recommendation.

Ah, so no worries about getting malware then. Still, I'll be careful. Thank you for the information.