It would be awesome to be able to subscribe to user-maintained whitelists, as well as locally hosted whitelists.
I had the idea a few months ago, and created a repository with lists seperated by service type.
Here is on reddit where PromoFaux made a comment on the idea
Edited above from:
A script I'm writing does a file loop that
- trims the domain name from a link.
- saves the domain name as a variable
- saves the domain-variable to a file (sudo echo tee append)
- it then removes duplicates, and sorts the list
The file is single lined. I know how to run pihole -w for every single line, but I want to run one command to whitelist them all.
What about making a script that puts them in a space-separated list (
domain1.com domain2.com domain3.com), so that you can just copy paste it into the command?
pihole -w domain1.com domain2.com domain3.com
Edit: You could even run that command as part of the script.
I thought about doing that, which might be the solution to the script I'm currently working on, but there are also some other projects that might benefit from being able to directly import from a file.
This also ties in with my idea that someday we could subscribe to whitelists, the same way we can subscribe to blacklists.
Do you know of any public whitelists like you're suggesting?
I've seen several on github,,, (I occasionally just search github for the term pihole.)
I also started this repository based on things I've found on commonly-whitlisted pages, (here, github, reddit)
It's separated by type of service, so that it's the users choice what to allow.
Also, when running pihole -g it almost feels silly to have over 200 domains whitelisted. (some of them preemptively to avoid issues to services that I use)
You can make a separate feature request for the idea here.
I converted the thread into a feature request for that, as that is more/less what I was going for.
Is there any progress on this feature request? Is it being considered, implemented or just a no-no?
I'd like to subscribe to a whitelist such as anudeep's whitelist, without having to cron a separate update script.
Essentially, I'd prefer to run the Pi-hole with all admin done through the web admin, rather than having to ssh in.
No updates yet. We have quite a few feature requests and we try our best to evaluate them all and implement the ones that make sense.
I would also like this feature, came to this forum looking for just this.
I googled for this feature and found this thread. Would also like to see this implemented.
The whitelist I would like to subscribe now is: https://raw.githubusercontent.com/mkb2091/blockconvert/master/output/whitelist_domains.txt
in anycase, I think using a loop and "pihole -w" works.. but is messy
Some of the entries on that list are not compatible with Pi-hole. Example:
I'm using anudeep's whitelist script to "fix" some broken domains as a result of my enabled blocklists. THat's great- I can continue to do it via the CLI but it would be really easy to just subscribe to the curated list in the GUI.
But I'd like to take is a step further. Pi-hole is an adblocker but already has all the DNS-level filtering in place to serve as a safe browsing tool for my kid who is just starting to venture onto the web itself for remote learning (age 5....) due to the pandemic. The totally-locked down iPad doesn't cut it for the classroom experience. Letting her loose on YouTube (linked from schoolwork) and with unfettered access to a browser (external sites linked from school) is a bit nerve-racking.
So far I have blocked multiple domains using Pi-hole 5.0 in addition to the ad-lists. For example- subscribed to a porn blocklist but only applied it to her devices by client group, instead of house-wide. I set up safe search custom DNS entries (network wide- only choice using piHole) and blocked all other search engines I could find that don't implement a safe search option - again applying the blacklists to only her client group.
What I'd love to do for the time being while she is in primary school is essentially blacklist the internet from her devices then whitelist only educational sites. While I could accomplish this with a global regex blacklist entry in the GUI under domain management section, applied to her client group and then whitelist a bazillion individual sites, it would be a lot easier to whitelist a curated list like http://savingus.org/download/whitelist-buntu.txt (although I'd likely edit this locally pulling out all the religious entries.... brainwashing isn't the goal here). As she gets older, sites get added, and then restrictions get relaxed as she is old enough to properly understand internet safety.
Pi-hole already has all the other features to work as an internet filter for kids except this.
Must say I'm rather surprised to not find this feature in such an advanced project. Already been using the feature with diversion.ch (who offered it from the get-go). In fact, I'd say this is a Nr 1 requirement and its lack is quite off-putting. I'll have to go back to pfsense's filter or diversion if this doesn't seem to ever be implemented. And I would code it myself if I'd have the time right now, it's really not that hard to do.
For now, here's a whitelist I've been maintaining for diversion for ages, it's a concatenated bunch of lists plus my family's own, and some sorting/cleaning of it all; https://jult.net/white.txt
Automating others whitelisting domains on your Pi-hole? Why?
Sure sure, and you could write Pi-hole in an afternoon in Perl...
I did not write anything about writing pi-hole in perl. Again;
pihole offers a box in a web-ui where one can enter hostnames to be whitelisted, it works when I paste hundreds of them in there and submit them for whitelisting. Those hundreds of names are copy pasted from a txt file I create and maintain myself, because I use pfsense and diversion for more than one machine and network I administrate, and I'd rather have the whitelisting to be centralized for me (and others like me who trust my judgement, which, by the way, many seem to do, since the list is being grabbed a lot).
Since one can enter the list through copy pasting into a web-UI, it seems rather trivial to generate the sqlite from a given URL. In fact, the code is almost done; GitHub - dMopp/pihole5-adlist-update-cron: A pihole5 compatible cronjob to fetch Adlist(s) from URL and import them to the new gravity.db
So you're tracking the users downloading your whitelist?
I still say allowing other people to have control of your whitelist is absolutely stupid and dangerous.
As for the code, great that someone did it but we can't just take other people's work and make it ours.
A workaround in the absence of such a feature would be:
SQL command to clear the entire whitelist.
sudo sqlite3 /etc/pihole/gravity.db "delete from domainlist where type=0;"
SQL command (or script with a loop) to inject a new whitelist from your text file.
pihole restartdns reload-lists
As you noted, the code is almost done.