Search This Blog

Set up Cloudfared DoH for Pi-hole

I would prefer using DNS over HTTPS (DoH) to increase privacy and security. Mozilla Firefox is the first web browser implementing DoH, and many other browsers follow. But how can I utilize DoH for the non-browser DNS request or enable DoH on each device that connects to my home network?

Pi-hole has a document to configure DNS-Over-HTTPS. To automate the install and configure Cloudfared on a Raspberry Pi running Raspbian, I create a bash script. I also add the steps to lock down the cloudfared account.

Here are how set up Cloudfared DoH using the script.
  • Make sure the Pi-hole is set up on your Raspberry Pi. See my post “Set up Pi-hole on a Raspberry Pi”.
  • Download the script from my Github on your Raspberry Pi
    • curl -O https://raw.githubusercontent.com/sfitpro/pi-hole/master/setup.cloudflared.doh.for.pi-hole.sh
  • Grant the execution permission to the script
    • chmod +x setup.cloudflared.doh.for.pi-hole.sh
  • Run the script
    • sudo ./setup.cloudflared.doh.for.pi-hole.sh
  • Configure the Pi-hole to use custom Upstream DNS server 127.0.0.1#5053
If all the setup is correct, you will notice the DNS queries on Pi-hole are answered by localhost.


No comments:

Post a Comment

Use WinSCP to Transfer Files in vCSA 6.7

This is a quick update on my previous post “ Use WinSCP to Transfer Files in vCSA 6.5 ”. When I try the same SFTP server setting in vCSA 6.7...