Pi-hole - a network-level adblocker

I used to have extra add-ons. Not anymore. Pi-hole removes most tracking cookies and advertising.

The only page I had a problem with was YouTube. That’s where advertising came through. However, I have solved it by blocking Google entirely. :wink:

There’s no point in protecting yourself if you’re going to have services from Google, Apple, Facebook and so on. Block all of it!

3 Likes

A little tip for those of you who have DNS over HTTPS in your browsers. You have to turn it off. Otherwise, it won’t go through pi-hole. If you want to run DoH, you can fix it in Pi-hole instead. I’ve posted a link in this thread somewhere. It’s easy to fix.

It’s so nice to run it on an RPi. Just put it up and forget. I update once a month. Otherwise no maintenance! It draws very little power too. Doesn’t cost much in purchases either.

You can have really good uptime on them if you want:


2 Likes

Raspberry Pi 2 here. Pretty old but more than enough for a Pi Hole.

2 Likes

I use this blocklist: https://raw.githubusercontent.com/deathbybandaid/piholeparser/master/Subscribable-Lists/CombinedBlacklists/CombinedBlackLists.txt

to block more than 2,098,000 domains. (Warning: to prevent overblocking, use the whitelist.)


2 Likes

I am using the default list at the moment but it is still blocking a lot.


3 Likes

There were a lot of blocks on your network. 43.9%. A lot of smart gadgets and mobiles?

I’ve split my network into several. I don’t have that many “smart stuff” on mine. Don’t trust them. But I have many servers and regular computers. Want to keep them apart.


You see I have an adblock too :wink:

Anyone know about DoH? Is it good or not? Watched Rob Braxman’s clip about DoH. Apparently wasn’t good for privacy. I had it on, but turned it off a while ago.

Of course it’s not good, Rob is right. Centralization is an extremely bad idea for privacy, especially centralization on Google / Amazon.

Well, unless you trust them and want to play into the hands of corporations :face_with_hand_over_mouth:

1 Like

Just watched the video, seemed to be as much an advert for the services he sells as anything else. Who really, in this day and age, thinks Google can be trusted for privacy? :roll_eyes:

1 Like

I have 5 separate network segments

  • Servers
  • PCs
  • Moderate risk devices - Phones, Tablets, Gaming consoles, streaming boxes, etc
  • IoT - Thermostats, cameras, etc
  • Guest

I allow DNS traffic from everything except my guest network to the pi-hole so all my devices gain the benefit of the pi-hole.

DNS is generally problematic for privacy no matter what you choose. It is a choice between evils.

  • Using your ISP’s DNS server is the most common option. All your DNS traffic is unencrypted and available to your ISP.
  • You can switch to using a privacy focused DNS server but, honestly, this isn’t that much better since your ISP is still a single point that can see all the unencrypted data. It can at least help with misbehaving ISPs/Wi-Fi providers that are injecting a proxy via DNS.
  • You can distribute your DNS queries across DNS servers from multiple providers but I think this is mostly useless. Not only does your ISP still have full access to all the queries, but it is debatable if this increases or decreases privacy. I actually think this is the worst option.
  • You can use a VPN which shifts the point of trust from your ISP to the VPN provider.
  • You can use DoH/DoT which shifts the point of trust from your ISP to the DNS provider.
  • You can use Tor, which comes at a significant performance/reliability hit. It also doesn’t protect you against government surveillance if that is a personal priority of yours.
  • You can combine multiple methods but be careful as it is easy to accidentally decrease privacy this way.

Ultimately, it is a choice between bad options. So when someone says “DoH is bad for privacy”, my response is “Compared to what?”.

In the US, we know that ISPs are collecting and selling our data so I would rather use a DoH provider. If you have a VPN provider you trust, then that is an even better option.

However, I would say using DoH is much better for privacy than sending unencrypted DNS traffic unless your ISP is extremely trustworthy.

4 Likes

So for Pihole, should DoH be enabled, disabled or it doesn’t matter so much (from a privacy pov)?

If you aren’t using a VPN, I would enable it on your pi-hole unless you trust your ISP with your data. But that is just my opinion. There is no “right” answer.

With DNS, you have to choose what/who you trust the most.

1 Like

If you’re going to run DoH, you’re going to have to run it in pi-hole. If you turn it on in the browsers, it won’t go through pi-hole.

1 Like
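Both the tip earlier in the thread and the post above make the same point: DoH switched on in a browser never reaches the Pi-hole. As an added example (not from the thread), this is a defender's check for that: it scans a constructed, simplified flow log for resolution that skips the Pi-hole (assumed at 192.168.1.2): plain DNS sent to any other resolver, DoT on port 853, and DoH to a public resolver recognised by its TLS SNI.

```shell
#!/bin/sh
# Added example, not from the thread: flag LAN clients whose name resolution is
# not going through the Pi-hole. Input is a constructed, simplified flow log
# (one record per line: time src= dst= proto= dport= sni=); real firewalls
# log differently, so adjust the field parsing. PIHOLE is an assumed address.
PIHOLE="192.168.1.2"

# Constructed sample records (not real traffic; documentation address ranges).
SAMPLE_LOG='2021-01-26T12:00:01 src=192.168.20.15 dst=192.168.1.2 proto=udp dport=53 sni=-
2021-01-26T12:00:02 src=192.168.20.15 dst=8.8.8.8 proto=udp dport=53 sni=-
2021-01-26T12:00:03 src=192.168.30.7 dst=9.9.9.9 proto=tcp dport=853 sni=-
2021-01-26T12:00:04 src=192.168.20.15 dst=203.0.113.10 proto=tcp dport=443 sni=cloudflare-dns.com
2021-01-26T12:00:05 src=192.168.20.15 dst=198.51.100.20 proto=tcp dport=443 sni=example.com'

# Reads records on stdin and prints one finding per record that bypasses the Pi-hole.
dns_bypass_report() {
    awk -v pihole="$PIHOLE" '
    BEGIN {
        # Public DoH resolvers a browser can be pointed at; the TLS SNI gives them away.
        split("cloudflare-dns.com dns.google dns.quad9.net dns.adguard.com", h, " ")
        for (i in h) doh[h[i]] = 1
    }
    {
        for (i = 2; i <= NF; i++) { split($i, kv, "="); f[kv[1]] = kv[2] }
        if (f["dport"] == "53" && f["dst"] != pihole)
            print "PLAIN-DNS-BYPASS", f["src"], "->", f["dst"]
        else if (f["dport"] == "853")
            print "DOT-BYPASS", f["src"], "->", f["dst"]
        else if (f["dport"] == "443" && (f["sni"] in doh))
            print "DOH-BYPASS", f["src"], "->", f["sni"]
    }'
}

# Number of bypass findings in the constructed sample (expected: 3).
sample_bypass_count() {
    printf '%s\n' "$SAMPLE_LOG" | dns_bypass_report | awk 'END { print NR }'
}
```

The same report run against a real firewall's log is a cheap way to confirm that a segment's devices (or a guest network you deliberately excluded) are resolving where you think they are.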

Yup, lots of options for DNS providers other than Google, Cloudflare or your ISP.

DNS that is in pi-hole from the beginning does not offer DoH. You must do this:

https://docs.pi-hole.net/guides/dns/cloudflared/

1 Like

Thanks. I generally use Adguard DNS at my router to cover my devices (plus ublock origin where I can). I’m planning on getting a Rpi zero w though.

1 Like

Indeed, I have cloudflared service running with Quad9 as the backend resolver.

pi@raspberrypi:~ $ sudo systemctl status cloudflared
● cloudflared.service - cloudflared DNS over HTTPS proxy
   Loaded: loaded (/etc/systemd/system/cloudflared.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2021-01-26 11:48:19 GMT; 2h 28min ago
 Main PID: 3326 (cloudflared)
    Tasks: 10 (limit: 4915)
   CGroup: /system.slice/cloudflared.service
           └─3326 /usr/local/bin/cloudflared proxy-dns --port 5053 --upstream https://dns.quad9.net/dns-query

Jan 26 11:48:19 raspberrypi systemd[1]: Started cloudflared DNS over HTTPS proxy.
Jan 26 11:48:19 raspberrypi cloudflared[3326]: INFO[2021-01-26T11:48:19Z] Adding DNS upstream - url: https://dns.quad9.net/dns-query
Jan 26 11:48:19 raspberrypi cloudflared[3326]: INFO[2021-01-26T11:48:19Z] Starting metrics server on 127.0.0.1:37443/metrics
Jan 26 11:48:19 raspberrypi cloudflared[3326]: INFO[2021-01-26T11:48:19Z] Starting DNS over HTTPS proxy server on: dns://localhost:5053

2 Likes
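As an added example (not the thread's or the Pi-hole project's own code) of the setup behind the status output above: a script that writes the cloudflared environment file and systemd unit that the linked guide has you create, refuses an upstream that is not https://, and prints the 127.0.0.1#5053 value to enter as Pi-hole's custom upstream. The binary path /usr/local/bin/cloudflared and a cloudflared system user are assumed; pass a scratch directory as the first argument to preview the files instead of writing to /.

```shell
#!/bin/sh
# Added example (not from the thread or the Pi-hole docs): render the two files
# the cloudflared guide has you create, under ROOT (default "/"; pass a scratch
# directory to preview them), and print the upstream value to enter in Pi-hole.
# Assumed: the binary lives at /usr/local/bin/cloudflared and a 'cloudflared'
# system user exists, matching the ExecStart line quoted in the thread.
set -eu

UPSTREAM_DEFAULT="https://dns.quad9.net/dns-query"   # Quad9 DoH endpoint from the thread
PORT_DEFAULT=5053

# A plain http:// (or bare IP) upstream would send every query in cleartext and
# defeat the point of the proxy, so refuse anything that is not https://.
check_upstream() {
    case "$1" in
        https://*) return 0 ;;
        *) echo "refusing non-HTTPS upstream: $1" >&2; return 1 ;;
    esac
}

write_cloudflared_config() {
    root="${1:-}"; port="${2:-$PORT_DEFAULT}"; upstream="${3:-$UPSTREAM_DEFAULT}"
    check_upstream "$upstream"
    mkdir -p "$root/etc/default" "$root/etc/systemd/system"
    # proxy-dns binds localhost by default (the thread's log shows dns://localhost:5053),
    # so only Pi-hole on the same host can reach it, not the rest of the LAN.
    printf 'CLOUDFLARED_OPTS=--port %s --upstream %s\n' "$port" "$upstream" \
        > "$root/etc/default/cloudflared"
    cat > "$root/etc/systemd/system/cloudflared.service" <<EOF
[Unit]
Description=cloudflared DNS over HTTPS proxy
After=network-online.target

[Service]
Type=simple
User=cloudflared
EnvironmentFile=/etc/default/cloudflared
ExecStart=/usr/local/bin/cloudflared proxy-dns \$CLOUDFLARED_OPTS
Restart=on-failure
RestartSec=10

[Install]
WantedBy=multi-user.target
EOF
    # Enter this as the custom upstream in Pi-hole (Settings > DNS) and untick the
    # other upstreams, so every query leaves the Pi-hole through the DoH proxy.
    echo "127.0.0.1#$port"
}
```

After `systemctl enable --now cloudflared`, the `systemctl status cloudflared` output should look like the one quoted above, with your chosen upstream in the ExecStart line.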

Thanks for all of the help and suggestions on here. I ended up setting things up in a VM to start, but the lure of a dedicated device for it will probably draw me in before too long. Also, then I won’t have to coordinate reboots on this EOS box around other people needing internet. I used dietpi as the OS and everything was super easy to set up. I still need to mess around some with settings and blocklists, but that’s a good weekend project. One other question I had was around one screenshot you posted @anon9173994 , I saw you had irssi running on a pi, which would be nice. I assume that would be able to run on the same device as pi-hole? Also, do you just ssh to it and use screen to run irssi or something fancy I don’t even know about?

1 Like