1. 53
  1. 3

    I like the idea. I’m quite hazy on how WHOIS works but is there not a risk that the client will get rate limited or blocked from whatever answers the queries? I’ve had similar errors after repeating a few Whois queries by hand, unless they’re all going out to different end points there must be many more queries with a system such as this.

    1. 2

      I love this. I don’t care about my privacy so much, but it’s very useful for productivity to block time-wasting sites for an hour or two at a time – and because of DNS over HTTP, it’s not easy to do through a DNS-based mechanism anymore.

      1. 3

        I have local-zone: use-application-dns.net refuse in my unbound.conf to tell applications to back to network controlled DNS, and it works.

      2. 2

        Love it. Great work! 👏

        1. 1

          This is great! I was dabbing around to write something like this myself, glad someone beat me to it!

          In addition to this, I’d like to also block all known DoH endpoints. Is there a list of those?
          -edit I found this one: https://dnscrypt.info/public-servers/ and it seems to have an API