an ad- and malware-blocking script for Linux
Latest commit e3a1ba7 Jul 29, 2016 @Sadi58 Sadi58 committed on GitHub Update
Fixed typos in the newly added sections and moved FAQ up
Failed to load latest commit information.
aur Update AUR version to 0.999.3-1 Oct 30, 2015
conf Delete rc.conf Apr 9, 2016
man Reorganized project into folders Apr 26, 2015
pkg Delete rc.conf Apr 14, 2016
src Removed last vestige of automatic dnscacher detection Feb 26, 2016
systemd Update Jul 29, 2016


An ad-blocking and malware-blocking script for Linux


Hostsblock is a bash script designed to take advantage of /etc/hosts file to provide system-wide blocking of internet advertisements, malicious domains, trackers, and other undesirable content.

To do so, it downloads a configurable set of blocklists and processes their entries into a single /etc/hosts file.

Hostsblock also includes hostsblock-urlcheck, a command-line utility that allows you to block and unblock certain websites and any other domains contained in that website.


  • System-wide blocking - All non-proxied connections use the HOSTS file (Proxied connections can adopt the HOSTS file)

  • Compressed-friendly - Can download and process compressed files automatically. (Currently only zip and 7zip are supported)

  • Non-interactive - Can be run as a periodic cronjob or systemd timer without needing user interaction.

  • Extensive configurability - Allows for custom black & white listing, redirection, post-processing scripting, etc.

  • Bandwith-efficient - Only downloads blocklists that have been changed, uses compression when available.

  • Resource-efficient - Only processes blocklists when changes are registered, uses minimal pipes.

  • High performance blocking - Only when using dns caching and pseudo-server daemons.

  • Redirection capability - Enchance security and combats DNS cache poisoning.

  • Extensive choice of blocklists included - It is up to the user to choose how much or how little is blocked/redirected.


Optional dependencies for additional features

Unarchivers to use archive blocklists instead of plain text:

  • unzip (for zip archives)
  • p7zip (for 7z archives) must include either 7z or 7za executables!

A DNS caching daemon to help speed up DNS resolutions:

A pseudo-server that serves blank pages to remove boilerplate page and speed up page resolution on blocked domains:

Compressors to compress backup files and the annotation database:


Arch Linux

cd pkg; makepkg -Acsir

Or use one of the AUR packages: hostsblock, hostsblock-git

For others

install -Dm755 /usr/sbin/hostsblock
install -Dm755 /usr/sbin/hostsblock-urlcheck
install -Dm644 hostsblock.conf /etc/hostsblock/hostsblock.conf
install -Dm644 black.list /etc/hostsblock/black.list
install -Dm644 white.list /etc/hostsblock/white.list
install -Dm644 hosts.head /etc/hostsblock/hosts.head

Don't forget to enable and start the systemd timer with: systemctl enable --now hostsblock.timer

Refer to the man pages for more info about hostsblock's usage. (Currently useless! see #19)


All the Hostsblock configuration is done in the hostsblock.conf. This file is commented really good, please read through it before first use.


To use Hostsblock together with Dnsmasq, configure Dnsmasq as DNS cashing daemon. Pleas refer to your distribution's manual. For Archlinux read the following: Wiki section.


In the FINAL HOSTSFILE section, enable hostsfile="/etc/hosts.block.


    systemctl restart dnsmasq.service # For dnsmasq under systemd


Set addn-hosts= to addn-hosts=/etc/hosts.block


  • Why isn't it working with Chrome/Chromium?

    • Because they bypass the systems DNS settings and use their own. To force them to use the system's DNS settings, refer to this question.

News & Bugs


Hostsblock is licensed under GNU GPL