It was fun to see that the Pi-hole was mentioned on the Security Now podcast.

It made me smile that he grasped the “black hole” concept of sending advertisements to “nowhere.”  And despite his understanding, you actually can whitelist domains, but it doesn’t always work the way you might think:

With most ad-blockers, you would whitelist the domain you want to see ads on, but since the Pi-hole works on the DNS level, this won’t always work the way you intend.  Many advertisements are hosted by a third party, so the ad may be coming from a different domain than the one you whitelisted.

For an example, my site shows ads but the images are hosted somewhere else and are loaded from them when someone visits a page on my site.  If you use Chrome’s or Firefox’s Element Inspector, you can see that the image for the ad is coming from tcp.googlesyndication.com, not jacobsalmela.com.

So even if you whitelisted jacobsalmela.com, you would need to also whitelist Google to see ads on my site.  As a secondary effect of this, any other sites that use tcp.googlesyndication.com, would also be whitelisted.

There are sites out there that host their own ads, in which case, whitelisting it would do the trick.  Using the Element Inspector is the best way to find out where the ad is hosted.