Skip to content

Using TOR

This is an unsupported configuration created by the community

To enhance your privacy you might want to route all or part of your Browser Traffic over Tor.

Tor Browser

The easiest and most reliable solution would be to use the Tor Browser. Though that won't use your Pi-hole DNS Server out of the box. You can however disable Proxy DNS when using SOCKS v5 in Tor Browsers Preferences -> Advanced -> Network -> Settings and make sure to point your system to use Pi-hole with DNS over Tor activated.

Your Browser

Edit /etc/tor/torrc on your Pi-hole as root, include the following line at the end and save the changes

SocksPort 0.0.0.0:9050
Note: You should make sure that only your LAN devices are able to access your Pi-hole on port 9050. Restart Tor
sudo service tor restart
Point your browser to use your Pi-hole IP or Hostname (e.g. pi.hole) and Port 9050 as Socks5 Proxy. Do not enable Proxy DNS when using SOCKS v5 and make sure to point your system to use Pi-hole with DNS over Tor activated.

  • For Chrome you can either use e.g. the Proxy SwitchyOmega Extension or start Chrome with command-line parameters.

  • For Firefox you can either use e.g. the FoxyProxy Add-on or configure the Socks5 Proxy directly in the Firefox Preferences.
    If you use a Proxy Add-on/Extension you can also e.g. route everything per default over Tor and only whitelist some sites that you need to perform really good.

Accessing .onion addresses

If you want to access .onion addresses with this kind of setup you have to activate Transparent Access to Tor Hidden Services on the Pi-hole host.


Notes

  • Don't define other regular Upstream DNS Servers than the Tor one if you want to avoid that your Pi-hole makes plaintext DNS requests.
  • From the Tor Manual regarding DNSPort:
    This port only handles A, AAAA, and PTR requests