How do I whitelist or blacklist a domain?

whitelisting
blacklisting

#1

Whitelisting And Blacklisting Is Different On Pi-hole

Whitelisting or blacklisting a site on the Pi-hole works differently than traditional ad-blockers. This is because the Pi-hole works at the DNS level, which should make more sense as you read on.

Let’s say you want to whitelist pi-hole.net. With a normal ad blocker, you would just whitelist that domain. But on the Pi-hole, you need to do a little investigation into the site you want to whitelist. Now pi-hole.net doesn’t have ads, but imagine for a moment that it used Google Ads, which many other sites do. Since the ad images are hosted by Google, you would need to whitelist Google to allow ads on pi-hole.net.

Now if you were to whitelist Google ads so they would show up on pi-hole.net, you would also be whitelisting them for every other site that uses Google ads. So while this can be extremely powerful for blacklisting (i.e. blacklisting a single domain, blocks ads on multiple sites), it can also be difficult to support the sites you want.

Use A Plugin To Help

I suggest using the Chrome extension Whitelist Assistant by DNSthingy as it will do a lot of the work for you. Just load up a page and open the extension to see all the domains the current page is using.

So in the hypothetical situation of pi-hole.net displaying advertisements from Google, if one of Google’s ad-serving domains is tpc.googlesyndication.com. So if you happened to whitelist pi-hole.net and not tpc.googlesyndication.com, ads would not appear because you did not whitelist the Google domain where the ads are being served from.

Self-hosted Advertisements

Some sites like The Next Web host their own canvas ads, simply whitelisting thenextweb.com would be good enough since the files are hosted on the same domain.

How To Actually Whitelist Or Blacklist A Domain

On-demand

The easiest way is to just navigate to the Pi-hole dashboard and click Whitelist.

Alternatively, you can now whitelist Websites on demand by using he pihole command.

pihole -w someaddomain.com anotheraddomain.net

Use the -b option to blacklist intead of whitelist

pihole -b someaddomain.com anotheraddomain.net

What To Do If A Site Is Still Not Being Whitelisted

If a domain you were expecting to be whitelisted is not, you can run a two commands to get some more clues. Some sites will have many subdomains, which may also need to be whitelisted. For example, to find out what domains Apple has on the list, run this command:

for list in /etc/pihole/list.*;do cat $list | grep apple.com;done

which will return a list like this:

advertising.apple.com
autolinkmaker.itunes.apple.com
c.apple.com
iadsdk.apple.com
metrics.apple.com
securemetrics.apple.com

So even if you whitelisted apple.com, there are several other subdomains belonging to Apple, which you should also whitelist. Just replace apple.com in the command above with the domain you are searching for. Now you can copy and paste the domains that were returned into /etc/pihole/whitelist.txt.

Another command you can run is this:

pihole -q somedomain.com

which will let you quickly find out what list your domain exists in and whether or not it may have additional subdomains that are still being blocked and then add those domains to your whitelist. This is sometimes useful if you feel like a certain list is giving you lots of issues.


How do I flush my Pi-hole cache?
How can I use Pi-hole for all my devices except one (or more)?
First time visits without 'www.' show as blocked
Google Links no more authorized (solved)
Blocking radio buttons on Orvis and L.L.Bean
Basic question about whitelisting
Ads on www.orlandosentinal.com
#2

To list all entries for apple.com and not all the entries that contain apple.com (that are mostly scammers), do this:

for list in /etc/pihole/list.*;do cat $list | grep -e '\.apple.com$';done