How can I block websites?
5d 1h ago by programming.dev/u/staircase in linux@lemmy.ml
tl;dr what are all the ways I can block a website on linux? Debian if it's relevant.
I want to stop myself using certain sites. Since I'm reasonably techy and can work round all blocks I've come up with, I've found an effective approach is to apply as many hurdles as possible, so that visiting the website takes effort.
So far I've added the site to ublock's block list, and redirected sites via /etc/hosts. What other options are there?
While I have admin access to the router, I'm not allowed to block sites there.
Therapy of some sorts is probably going to be more effective than making self-blocks, especially if you're technically competent. I wish you luck with stopping whatever addiction it is.
It can help. A lot of the time I go on Reddit for example starts subconscious. If that doesn’t work the conscious part kicks in and I know I don’t want to visit that craphole so I close the tab again and put the phone aside. Otherwise I see content and keep scrolling.
The real hack is (almost) always social.
Setup a PiHole and add them to the blocklist. Then make the PiHole password stupid long and write it down. Then take the paper, put it in a safe, and put it in the highest shelf in the back of your closet. Recurse safes and passwords as much as needed.
Even better, store the password offsite—safe at a friend's house, safety deposit box at the bank . . .
And if you don’t have any friends or a bank, put it in a double ziplock, then drop it in a Tupperware of water and freeze it.
well I do hate going into town, so that would work
You could just change your DNS server to get around that though, even without the password.
You’re gonna have better luck changing your habits than you will making a block that you yourself can’t overcome.
Creating hurdles can help lowering the temptation. I totally get OP.
Therapy is probably a better option.
/etc/hosts and set the websites to go to 0.0.0.0 or 127.0.0.1
Roughly from high level to low level:
- uBlock custom filters
- Make pages unusable or less attractive by wonky per-site browser or extension settings
- IP and DNS blocks on your local machine
- Run a DNS proxy on your local machine and block domains with it
- Host a pihole server on a different machine, make it your DNS server and block domains there
- IP and DNS blocks in your router (if your current one has no option for this, consider buying another, preferably used)
Best apply the methods arbitrarily, so that you get even more confused about how you might restore access to a given website.
Options 5 and 6 may be the only viable ones for locking down certain smartphones or tablets.
Only thing I can think of is to remove your default account from the sudoers file and have an account with a frustratingly long password written on physical paper hold the keys to the kingdom. That will make a whole lot of other things a hurdle too though.
Yeah, whatever roadblocks are set up can easily be dismantled using the same privs.
Only way to achieve this goal is to either hand the keys to someone else or to lock yourself out.
Making it a hassle to circumvent the roadblocks can help make the undesired behavior less attractive to you in the moment or stop unconscious behavior.
For example, I sometimes open lemmy just with my muscle memory when I'm bored without even thinking about it, even though I know I've scrolled through pretty much all the current content I get in my feed already.
Moving the app icon around stops me from opening lemmy without actively thinking about it and therefore adds a (admittedly small) barrier to my bad behavior.
Adding a long and complex password that I would have to enter manually, as someone in the comments recommend, would probably make me rethink my actions even more. Do I really want to get out the password and be annoyed by having to type it out just to do this?
DNS... set your system up to use an external DNS provider like OpenDNS where you can select categories to block.
I used this to block adult, gambling, malware, etc at the grandparent's house when the kids were growing up and starting to search the internet for school homework, etc.
If it's done in the router you'll cover all devices and you give someone else the password, so you can't change it.
Any of the adblockers can do this. Pihole, adguard home, technitium. Ublock origin to. You can probably do it pretty painstakingly through the hosts file as well.
Maybe block on your router and save your router password such that you need to jump through several hoops to unlock it, eg password saved in one password manager DB whose master password is in another DB whose password is in another DB, etc. If you have to unlock like 10 password databases to get into your router, you'll probably give up on whatever bad habit you were trying to do as it's too much effort.
Don't look for a solution that is technical where the problem is mental.
It's not a solution to a problem, it's a mitigation option. There is a lot of evidence that it works. Even OP mentioned that it's effective for them.
LeechBlock NG isn't exactly what your'e looking for but it still may help. Of course, it'll have no effect if UBO and the DNS already shut everything off.
Just set the site to be hidden? If it's not in the list you didn't even know its an option and thus everything else is moot.
Pretty sure every search engine at thing point has a option to just "not show results from this website" or equivalent.
Out of sight out of mind.
DNS level blocking is a massive pain to circumvent. Adguard DNS and NextDNS allow you to do this. Mullvad DNS allows you to block adult websites, gambling sites, and (optionally) social media without creating an account.
I use NextDNS and it has feature to block domains. Unfortunately i often unblock it back.
Private DNS service.
use the redirector addon to auto redirect somewhere else
i'm curious what websites are you doing. what's the threat model??
lol it's probably porn
reddit; may add news sites given the wonderful news we're getting these days
If redirecting with /etc/hosts isn't enough, you could set up a cron job (I guess as root?) to re-copy a hosts file back to /etc/hosts every half hour or something. That way even if you do manually change /etc/hosts for an quick peak of an illicit website, it'll go back to being blocked in a short amount of time. This'll add a bit of the "pain in the ass" factor.
thanks all, these are good suggestions
NextDNS is a good option for your use case. It allows you to block entire categories of websites and even has an option to setup a schedule on when you are allowed to access them. It also has blocklists you can pick from and the ability to blacklist and whitelist individual domains. And the free plan is very generous. You can just try it and see how it works for you.
You can use iptables to block connections, by example, using ufw the uncomplicated firewall:
# apt install ufw bind9-dnsutils # Install ufw and nslookup
# uIPs=$((nslookup reddit.com && \
nslookup www.reddit.com && \
nslookup redd.it && \
nslookup redditstatic.com && \
nslookup www.redditstatic.com) \
| awk '/^Address: / { print $2 }' | sort -u); \
for uip in ${uIPs}; do \
echo -n "${uip} " && \
ufw deny from "${uip}" comment 'deny reddit.com'; \
ufw deny out to "${uip}" from any comment 'deny reddit.com'; \
done;
# ufw enable
# ufw status numbered
Also, to block them in the firefox browser, you can also use the FoxyProxy extension, and use the proxy by patterns options to use a non-existant proxy for the domains that you want to block.
Edit to add config example:
You could try behavioral therapy. Doesn't need to be psychiatrist (but does have to be professional).
See a psychiatrist. You already have root on these systems... if you are truly a split personality then fences aren't going to prevent your other self from doing whatever they want.