I like the idea. I’m quite hazy on how WHOIS works, but is there not a risk that the client will get rate limited or blocked by whatever answers the queries? I’ve had similar errors after repeating a few WHOIS queries by hand; unless they’re all going out to different endpoints, there must be many more queries with a system such as this.
I love this. I don’t care about my privacy so much, but it’s very useful for productivity to block time-wasting sites for an hour or two at a time – and because of DNS over HTTP, it’s not easy to do through a DNS-based mechanism anymore.
I have local-zone: use-application-dns.net refuse in my unbound.conf to tell applications to fall back to network-controlled DNS, and it works.
Love it. Great work! 👏
This is great! I was dabbling around to write something like this myself, glad someone beat me to it!
In addition to this, I’d like to also block all known DoH endpoints. Is there a list of those?
Edit: I found this one: https://dnscrypt.info/public-servers/ and it seems to have an API.