Public faced pi-hole


Ive been using pi-hole for a few years now, and i really like it - actually so much, that i want to let other people use it :slight_smile:

Im considering hosting an pi-hole server for some family members / friends, and allowing UDP/TCP 53 to be open on my public IP.
But im concerned about the security regarding hosting an small "private" DNS server.
A few years back i read that you could amplify and DDoS attack using public DNS servers.

So is it safe to open up for DNS requests, from the internet to my pihole?

OBS - The friends and family are using dynamic IPs, and its therefor not an option, to limit the source.

1 Like

No. Never has been and never will be. Use a VPN to connect to the Pi-hole and never open port 53 to the internet.

With an open port 53, it is no longer private. The entire internet can use it.



Im aware that the entire internet, can use that server - but what is the risk of that?
Its not any different, than having my website hosted on HTTP?

Your server could be part of a DNS amplification attack easily

We do not provide support or guidance for people that chose to run open resolvers.

1 Like