Pihole adlist and Regex blacklist

Pi-hole is network-based ad-blocking software as well as a custom DNS server. It uses DNS sinkholing and blocklists to stop internet ads, telemetry etc..

There are several adlists available for pihole, but I would like to recommend following list of pihole –


Other than the list above you can use following regex blacklist to block ads and telemetry –


Enjoy pihole and donate if you like the project to support the developers.

Update Pihole docker container using portainer

In this article, lets take a look on how to update pihole docker container version to latest version using Portainer.

What is Pi-hole?

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole and optionally a DHCP server, intended for use on a private network.

What is Portainer?

Portainer is an open source container management tool for Kubernetes, Docker, Docker Swarm and Azure ACI. It allows anyone to deploy and manage containers without the need to write code.

Pihole docker container update using Portainer

Pihole usually displays when there is a new version available on the footer as shown in the below screenshot.

Pihole update available
  1. Login to your Portainer instance
  2. Goto containers

3. Select ‘Pihole’ container

4. Click on the ‘Recreate’ button. It will display following prompt –

5. Click on the ‘Pull latest image’ option and then click on ‘Recreate’ button.

6. It will take few minutes to download latest Pihole image and recreating a container.

7. Once done, you can goto your pihole instance and verify that pihole is updated to latest version, as shown below –

Microsoft .NET 5

Microsoft supports two .NET implementations for building server-side apps – .NET Framework and .NET 5 (including .NET Core).

.NET 5.0 is the next major release of .NET Core following 3.1. Microsoft has skipped version numbers 4.x to avoid confusion with .NET Framework 4.x. “Core” from the name has also been dropped to emphasize that this is the main implementation of .NET going forward. .NET 5.0 supports more types of apps and more platforms than .NET Core or .NET Framework.

Some of the .NET 5 Highlights

There are many important improvements in .NET 5.0:

  • .NET 5.0 is battle-tested
  • High Performance
  • C# 9 offer new language improvements
  • .NET libraries have enhanced performance

Use .NET 5 for your server application if:

  • You have cross-platform needs.
  • You are targeting microservices.
  • You are using Docker containers.
  • You need high-performance and scalable systems.
  • You need side-by-side .NET versions per application.

Here is the .NET release schedule –


Dotnet 5 can be downloaded here – https://dotnet.microsoft.com/download/dotnet/5.0





Free space in the /boot partition on Ubuntu

Usually you get this error when /boot partition is full or near to full.

You can usually remove old, unused kernels on /boot by running following command –

sudo apt autoremove

There is also an utility purge-old-kernels which also recommends to use sudo apt autoremove command.

After running this command, you can run following command to check the space on /boot.

df -h /boot/

Squid Web Caching Proxy configuration on Ubuntu or Linux Mint

Optimising Web Delivery

Squid is an excellent caching proxy for the Web. It supports HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems.


To install squid on Ubuntu or Linux mint, enter the following command in the terminal.

sudo apt-get install squid squid-common

Following command can be used to check the logs.

sudo tail -f /var/log/squid/access.log

Squid can also be used as an adblocker tool.

Disable ads using Squid

Squid has the ability to read a list of IPs from a text file and block those IPs from clients using the proxy. Your clients in turn will not have to be bothered with ads.

The following lines need to be added anywhere in your squid.conf file which is usually located in /etc/squid/ and you will be putting your list of ad servers called adBlock.txt in the same directory.

Please note: You can copy hosts from here and paste into your adBlock.txt file. Remove the IPs from the left side of the file and only keep the list of domain names.

## disable ads
acl blockAds dstdom_regex "/etc/squid/adBlock.txt"
http_access deny blockAds

Once it is done, restart the Squid service by entering following command:

sudo service squid restart

Now configure network setting in your browser to use the manual proxy. On Firefox, It will look like:


Remember that default port used by Squid is 3128. It can be configured and changed from the Squid.conf file.

Here is the official link for more details: http://www.squid-cache.org

Useful Features of ASP.NET

In this post, lets discuss about some of the useful features of ASP.NET

1. Faster compilation.

This configuration setting was introduced post .NET 3.5 SP1. Add it to web.config file.

<compilation optimizeCompilations="true">

Refer MSDN for details.

2. Retail mode at the machine.config

    <deployment retail="true"/>

It overrides the web.config settings to enforce debug to false, turns custom errors on and disables tracing. No more forgetting to change attributes before publishing – just leave them all configured for development or test environments and update the production retail setting.

3. Intellisense for MasterPages in the content pages

Most of the time you have to use the “findcontrol” method and cast the controls in master page from the content pages when you want to use them, the MasterType directive will enable intellisense in Visual Studio once you do this

Just add one more directive to the page

<%@ MasterType VirtualPath="~/Masters/MainMasterPage.master" %>

If you don’t want to use the Virtual Path and use the class name instead

<%@ MasterType TypeName="MainMasterPage" %>

4. Is Client Connected?

Check to see if the client is still connected, before starting a long-running task

if (this.Response.IsClientConnected)
   // long-running task

5. Server control properties based on target browser

<asp:Label runat="server" ID="labelText" ie:Text="This is IE text" mozilla:Text="This is Firefox text" Text="This is general text" />

6. Page.ViewStateUserKey to Counter One-Click Attacks

Consider using Page.ViewStateUserKey to counter one-click attacks. If you authenticate your callers and use ViewState, set the Page.ViewStateUserKey property in the Page_Init event handler to prevent one-click attacks.

void Page_Init (object sender, EventArgs e) {
ViewStateUserKey = Session.SessionID;

Set the property to a value you know is unique to each user, such as a session ID, user name, or user identifier.

A one-click attack occurs when an attacker creates a Web page (.htm or .aspx) that contains a hidden form field named __VIEWSTATE that is already filled with ViewState data. The ViewState can be generated from a page that the attacker had previously created, such as a shopping cart page with 100 items. The attacker lures an unsuspecting user into browsing to the page, and then the attacker causes the page to be sent to the server where the ViewState is valid. The server has no way of knowing that the ViewState originated from the attacker. ViewState validation and HMACs do not counter this attack because the ViewState is valid and the page is executed under the security context of the user.

By setting the ViewStateUserKey property, when the attacker browses to a page to create the ViewState, the property is initialized to his or her name. When the legitimate user submits the page to the server, it is initialized with the attacker’s name. As a result, the ViewState HMAC check fails and an exception is generated.

Check out this link for details.

7. Emails to local folder

While testing, you can have emails sent to a local folder on your computer instead of an SMTP server

        <smtp deliveryMethod="SpecifiedPickupDirectory">
            <specifiedPickupDirectory pickupDirectoryLocation="c:\EmailFolder\" />

This is not a complete list, but will keep adding and updating this.

Visual Studio extension – Codemaid

Many developers use Resharper tool for visual studio which is really a great productivity extension, but it’s a paid. If you are looking for open source and a free extension alternative to Resharper then Codemaid is for you.


CodeMaid is an open source Visual Studio extension to cleanup and simplify our C#, C++, F#, VB, PHP, PowerShell, R, JSON, XAML, XML, ASP, HTML, CSS, LESS, SCSS, JavaScript and TypeScript coding.


CodeMaid is a great extensions that helps cleaning up and organizing the code. It can be used along with ReSharper. It is very easy to use. It has very nice documentation too.

Key features:

  1. Code Cleaning
  2. Code Digging
  3. Code Reorganizing
  4. Comment Formatting
  5. and Many more..

I would highly recommend it.

Internet Information Services (IIS) useful commands

In this article, lets take a look some of the IIS commands which are used quite often by the developers.

Apppool recycle
C:\Windows\System32\inetsrv\appcmd.exe recycle apppool WebsiteAppPoolName

where WebsiteAppPoolName is the name of application pool name

Website Start
C:\Windows\System32\inetsrv\appcmd.exe start site WebsiteName

where WebsiteName is the name of the site

Website Stop
C:\Windows\System32\inetsrv\appcmd.exe stop site WebsiteName

where WebsiteName is the name of the site

If you need to frequently recycle apppool or start/stop the website(s) then I would suggest to create a powershell script and run it.

Sites to Check if your email has been compromised in a data breach

Have you heard about the data breach? Is data leaked online and public? Are you a member of the website and want to know that you are a part of a leak?

Then these sites will help you to know.

  1. haveibeenpwned.com


The site allows you to enter an email address to see if it is compromised in a data breach for free of charge. It is developed by Troy Hunt, a Microsoft MVP awardee for developer security, international speaker and the author on Pluralsight.

If your email is not compromised, then you will get such message.

No pwnage

Otherwise, you will see details of the pwnage.

Pwnage found!

The site also provides a free notification service through email, if the future data breach occurs and your account is compromised.


If you want to find emails on a particular domain, you need to go through the verification process.


It also provides an API which allows the list of pwned accounts to be quickly searched via a RESTful service.

2. breachalarm.com


The site provides a service that allows you to check if your email has been posted online, and sign up for email notifications about future password hacks that affect you.

Once you enter your email id, it will show you message on the screen saying they will record your IP for records.


If your email is not found in the leaks then you will get an appropriate message.


Otherwise, you will see a generic message with the date of the recent breach.


The site provides “Email watchdog” service which falls in 2 categories.

Individuals and Families where they cover the number of email Id(s).


Business where they cover a domain. Companies that subscribe the service are notified when any of their email addresses appear in a data breach.Breach-Alarm-domain.png

They also provide API which enables third parties to check the breach status of email addresses or domain names. It is a paid service.

3. pwnedlist.com


Before using the service, you need to do sign up.


Once you verify your email id, your email will be added into the watchlist. You can then monitor up to 3 email Ids at no charge.


There is no way to know whether you have been compromised in the existing data breaches.

Please comment down here if there are any similar services, I’ll review and add them to this post.

I’ll say that data breaches will happen, but you always try to secure from your side. I’ll recommend using strong and unmemorable password for each account. Use password managers like Keepass, Lastpass, 1password etc to keep track of all that information. Wherever possible turn on 2 step authentication. Use services like Abine to mask your email id and use it on the sites you don’t trust.