Improve your security and privacy by blocking ads, tracking and malware domains.

What is this for?

This POSIX-compliant shell script, designed for Unix-like systems, gets a list of domains that serve ads, tracking scripts and malware from multiple reputable sources and creates a hosts file that prevents your system from connecting to them.

Is it safe to use?

Absolutely, this script selects only the domain names for each source, so if a domain name is redirected to a rogue server your system will not be affected. In the worst scenario you can lose access to a legitimate domain name due a false positive, but you can reverse it by adding that domain to the whitelist.

Nightly builds

I provide nightly builds of the hosts file and installers for Windows (batch file installer) and Android (flashable zip).

Installation

curl -o /tmp/hblock ' https://raw.githubusercontent.com/zant95/hblock/v1.3.3/hblock ' \ && echo ' 148806074480956fa4f559a38f057cd0904adff19dc7d83bb33e0c25e9c99a34 /tmp/hblock ' | shasum -c \ && sudo mv /tmp/hblock /usr/local/bin/hblock \ && sudo chown root:root /usr/local/bin/hblock \ && sudo chmod 755 /usr/local/bin/hblock

Note: you can use you can use this Systemd timer to regularly update the hosts file for new additions.

Optionally, it is possible to use NPX to run hBlock without installation

npx hblock

Usage

Script arguments

You can also change the default behavior using these options:

Usage: hblock [options...] -O, --output FILE Hosts file location (default: /etc/hosts) -R, --redirection IP Destination IP for all entries in the blocklist (default: 0.0.0.0) -H, --header HEADER Content to be included at the beginning of the hosts file. You can use the output of any other command (e.g. "$(cat header.txt)") -S, --sources URLS Sources to be used to generate the blocklist (whitespace separated URLs) -W, --whitelist ENTRIES Entries to be removed from the blocklist (whitespace separated POSIX BREs) -B, --blacklist ENTRIES Entries to be added to the blocklist (whitespace separated domain names) -b, --backup [DIRECTORY] Make a time-stamped backup in DIRECTORY (default: output file directory) -l, --lenient Match any IP address from sources, although it will be replaced by the destination IP (default: 0.0.0.0, 127.0.0.1 or none) -i, --ignore-download-error Do not abort if a download error occurs -v, --version Show version number and quit -h, --help Show this help and quit

Preserve content

This script replaces the hosts file of your system, if you want to preserve part of its content, you should wrap that content with the following structure:

# <custom> ... # </custom>

Run preview

Sources