Remove “pi.hole” hostname completely

Hi there,

I found the old ' Remove “pi.hole” hostname completely' article but can not post below it because it is closed.
I would really like to see this feature implemented (at least in 6.x) because it causes a major hold-up in our testing infrastructure. We do network based pen tests and pi.hole is one of the hostnames which are definitely NOT allowed but pi-hole resolves it, so it generates a false-positive. The only solution at the moment is to remove pi-hole and use a different nameserver but that is not our goal.

From a security stand point of view: Resolving a hostname (hardcoded) which does not exist (and/or is NOT wanted) in a network is a risk. It can be used by intruders for intelligence gathering, not only identifying a service but also the software behind a service. For example with a nslookup for pi.hole the attackers knows it is a pi-hole installation and use 'old' attack vectors to attack the service, if security problems have been identified in older versions of pi-hole (the user is still using because he is lazy not updating).

1 Like

In v6 you are able to change Pi-hole's domain using webserver.domain config option:


Looks good ... any way to get rid of it in Version 5?
Or do I need to monkey-patch the sources and compile my own version?



The adage about the weakness of security through obscurity seems to fit.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.