tl;dr what are all the ways I can block a website on linux? Debian if it’s relevant.
I want to stop myself using certain sites. Since I’m reasonably techy and can work round all blocks I’ve come up with, I’ve found an effective approach is to apply as many hurdles as possible, so that visiting the website takes effort.
So far I’ve added the site to ublock’s block list, and redirected sites via /etc/hosts. What other options are there?
While I have admin access to the router, I’m not allowed to block sites there.
You’re gonna have better luck changing your habits than you will making a block that you yourself can’t overcome.
Don’t look for a solution that is technical where the problem is mental.
lmao. I hate takes like this.
It’s not about making the website impossible to get to, it’s about making the website more difficult and annoying to get to than an alternative productive activity/site.
Part of making it difficult to get to is technical.
Maybe block on your router and save your router password such that you need to jump through several hoops to unlock it, eg password saved in one password manager DB whose master password is in another DB whose password is in another DB, etc. If you have to unlock like 10 password databases to get into your router, you’ll probably give up on whatever bad habit you were trying to do as it’s too much effort.
DNS level blocking is a massive pain to circumvent. Adguard DNS and NextDNS allow you to do this. Mullvad DNS allows you to block adult websites, gambling sites, and (optionally) social media without creating an account.
I use NextDNS and it has feature to block domains. Unfortunately i often unblock it back.
Any of the adblockers can do this. Pihole, adguard home, technitium. Ublock origin to. You can probably do it pretty painstakingly through the hosts file as well.
LeechBlock NG isn’t exactly what your’e looking for but it still may help. Of course, it’ll have no effect if UBO and the DNS already shut everything off.
Roughly from high level to low level:
- uBlock custom filters
- Make pages unusable or less attractive by wonky per-site browser or extension settings
- IP and DNS blocks on your local machine
- Run a DNS proxy on your local machine and block domains with it
- Host a pihole server on a different machine, make it your DNS server and block domains there
- IP and DNS blocks in your router (if your current one has no option for this, consider buying another, preferably used)
Best apply the methods arbitrarily, so that you get even more confused about how you might restore access to a given website.
Options 5 and 6 may be the only viable ones for locking down certain smartphones or tablets.
If redirecting with /etc/hosts isn’t enough, you could set up a cron job (I guess as root?) to re-copy a hosts file back to /etc/hosts every half hour or something. That way even if you do manually change /etc/hosts for an quick peak of an illicit website, it’ll go back to being blocked in a short amount of time. This’ll add a bit of the “pain in the ass” factor.
i’m curious what websites are you doing. what’s the threat model??
reddit; may add news sites given the wonderful news we’re getting these days
oooh!! i did a *monkey (greasemonkey, violentmonkey (tampermonkey is not libre!)) script to redirect to a random xkcd page hashed based off of the url (despite xkcd not being a free cultural work)
i do not currently have it
lol it’s probably porn
You could try behavioral therapy. Doesn’t need to be psychiatrist (but does have to be professional).
You can also use a firewall to deny/reject outgoing and incoming traffic to those IPs. By example, with
ufw:# apt install ufw bind9-dnsutils # install Uncomplicated Firewall and dig # ufw enable # activate the firewall # dig +short reddit.com # get reddit A IPs 151.101.65.140 151.101.1.140 151.101.193.140 151.101.129.140 # ufw deny in on all from 151.101.65.140 comment 'deny in connections to reddit' # ufw deny out on all to 151.101.65.140 comment 'deny out connections to reddit' . . .Or in only one line:
uIPs=$(dig +short reddit.com); for uip in "${uIPs}"; do echo "$uip"; done;thanks for the great technical suggestions everyone
You can use iptables to block connections, by example, using
ufwthe uncomplicated firewall:# apt install ufw bind9-dnsutils # Install ufw and nslookup # uIPs=$((nslookup reddit.com && \ nslookup www.reddit.com && \ nslookup redd.it && \ nslookup redditstatic.com && \ nslookup www.redditstatic.com) \ | awk '/^Address: / { print $2 }' | sort -u); \ for uip in ${uIPs}; do \ echo -n "${uip} " && \ ufw deny from "${uip}" comment 'deny reddit.com'; \ ufw deny out to "${uip}" from any comment 'deny reddit.com'; \ done; # ufw enable # ufw status numberedAlso, to block them in the firefox browser, you can also use the
FoxyProxyextension, and use the proxy by patterns options to use a non-existant proxy for the domains that you want to block.Edit to add config example:
See a psychiatrist. You already have root on these systems… if you are truly a split personality then fences aren’t going to prevent your other self from doing whatever they want.
