Every device on your network is bombarded 24/7 with malware, banner ads, pop-ups, and activity-tracking scripts. All that extra cruft slows down your browsing. But with a bit of tinkering, you can program a tiny and cheap Raspberry Pi computer to block this noisome dross. Follow these instructions to install the free program Pi-hole, which checks all incoming data against blacklists of your choosing before deciding whether the packets should be passed on to your devices. It's more efficient than a standard ad blocker; the filtering works across every device on your network, banishing ads, trackers, and malicious code from phones, iPads, PCs, game consoles, Rokus, and even smart TVs.
- Raspberry Pi ($35) with the free Raspberry Pi OS software installed
- Home network router (either the one from your ISP or your own—we like the TP-Link AX6000)
- Mac or Windows PC for installing and controlling Pi-hole
- Comfort typing into a command-line interface (nothing too hairy, we promise)
With the Pi and your computer on the same network, open a terminal window (use Terminal on Macs; Command Prompt on Windows) and connect to the Pi using SSH. The secure protocol sends commands from one computer to another; find instructions at Raspberrypi.org to help with this. Next, type the command below to install Pi-hole, selecting the default options and writing down any network info you see:
curl -sSL https://install.pi-hole.net | bash
Close the terminal window; we're done with the command line. (See, that wasn't so bad.) Open a web browser and navigate to http://pi.hole. This is where you'll control Pi-hole and decide what to block and what to allow. You'll see some default options to block the most egregious trackers on the internet, but you can always fine-tune things to suit your needs by adding the web addresses where specific services live. Try nuking ads in Twitch or blocking Alexa requests so your kids can't summon pizzas or Ubers. Pi-hole.net and the r/pihole subreddit are great places to find web addresses to add to your blacklist.
Keep your Pi-hole powered on and connected to your network; plug it directly to your router if you can. Now open your router's control panel in a web browser (consult your router's documentation for this part) and look for your network's DHCP/DNS settings for your LAN—not your WAN. In the DNS field, type in the IP address of your Raspberry Pi. (You wrote it down earlier, right?) This will force all inbound data to go through the Pi and get checked against your lists before going out to your devices. Now restart your networked devices one by one; this forces them to reconnect to the internet through the Pi-hole.
If Firefox is your browser of choice, there's one extra step. Depending on your configuration, that browser may ignore your local DNS server and instead use DNS over HTTPS, also called DoH. There are some additional settings you'll need to tweak; find those instructions in the official Pi-hole documentation.
That's it. You're up and running with Pi-hole. Want to see how much gunk you're now blocking? Check out the dashboard at pi.hole/admin.
If you buy something using links in our stories, we may earn a commission. Learn more.
This article appears in the October issue. Subscribe now.
- 📩 Want the latest on tech, science, and more? Sign up for our newsletters!
- YouTube’s plot to silence conspiracy theories
- A Texas county clerk’s bold crusade to transform how we vote
- Meet the WIRED25: People who are making things better
- You have a million tabs open. Here’s how to manage them
- Tips to fix the most annoying Bluetooth headphone problems
- 🏃🏽♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers, running gear (including shoes and socks), and best headphones
