The internet is full of ways to waste time. As an marketer, I can assure you this is intentional. SEO During my career, I’ve sent millions of you down endless rabbit holes of “content.” I’ve distracted you to no end. I’ve even targeted you individually. But somewhere along the way, I decided to give up evil magic. I want to become a good witch. So here’s an easy spell for blocking sites that waste your time using and an entry-level magical summoner’s circle. dnsmasq But why the change of heart? You are wise to question my bewitching motives. Well, there are many factors. One good reason to block dumb sites is that future societies will curse the people of today for how we treat the planet — if they can survive long enough to curse. They’ll also curse us for how much time we spent looking at and taking when we could have been using less data. So many memes, , and so much wasted potential. lifelong, pollution-induced asthma wasteful GIFs CO2-belching Zoom calls so much atmospheric pollution You can use tools like PiHole to block some content. But even without ads and the like, . some sites remain distracting enough to threaten your well-being This magic recipe isn’t a replacement for tools like PiHole; simply consider it another ethereal page in your grimoire. Conjuring Requirements For this hex, you’ll need: The of a site you want to block. We’ll use as an example. URL nbc.com A that supports some form of secure terminal access, like . You should access the router with a privileged user account, and your OS should have installed. You can get this setup by installing open-source Linux router firmware, such as or for your router model. router ssh dnsmasq OpenWRT DD-WRT . It should look something like . Your router’s IP address 192.168.1.1 Sufficient to draw a magic summoner's circle in . Do not use old blood. Do not use other people's blood. Do not use animals' blood. Do not use simulated blood. MP , STA , and HP your own fresh blood Time-sucking Websites Hate How Easy These 4 Steps Are! 1. Connect to the router We’ll open up a terminal and connect to our router. We’re using , so that's: ssh ssh super_user@192.168.1.1 2. Edit the configuration file. dnsmasq We open the configuration file using , , or whatever terminal editor we've installed: dnsmasq nano vi nano /etc/dnsmasq.conf Now, we add a line at the bottom of the file to define a new blocking rule. To block the site , we'd add: nbc.com address=/nbc.com/127.0.0.1 We can write any spoof IP address we desire in the rule. For now, we’ve just gone with the standard . loopback address You can add an additional line for however many URLs you want to redirect. Each rule must be on its own line. 3. Apply the changes We should apply the changes by restarting the appropriate service: /etc/init.d/dnsmasq restart If your OS uses a different system service manager, , restart the service that way. like [systemd](https://systemd.io/) dnsmasq 4. Confirm it worked Finally, we can try to ping our target site from the router to see if it’s accessible. Before performing steps 1–3, the command produced something like this: ping nbc.com super_user@router:~# ping nbc.com PING nbc.com (184.28.78.19): 56 data bytes 64 bytes from 184.28.78.19: seq=0 ttl=54 time=18.944 ms 64 bytes from 184.28.78.19: seq=1 ttl=54 time=14.686 ms ^C--- nbc.com ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 14.686/16.815/18.944 ms After performing steps 1–3: super_user@router:~# ping nbc.com PING nbc.com (127.0.0.1): 56 data bytes 64 bytes from 127.0.0.1: seq=0 ttl=64 time=0.859 ms 64 bytes from 127.0.0.1: seq=1 ttl=64 time=0.265 ms 64 bytes from 127.0.0.1: seq=2 ttl=64 time=0.614 ms ^C --- nbc.com ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 0.265/0.579/0.859 ms As you can see, the device now assigns a different IP address to the blocked site. You should see something similar when you ping from your local machine. Be sure to log out of the session when done! Troubleshooting My browser doesn’t seem to respect the new rules dnsmasq This wasn’t always the case. But over time, browser-smiths have grown more prone to include their own domain resolution rules, “prefetching” features, and other nonsense. Today, your browser may use a pre-programmed IP address for lookups, like one of the common Google nameservers. It’s up to you whether you want to override such settings. DNS Here are some helpful pointers: Stackoverflow — Why is Chromium bypassing /etc/hosts and dnsmasq? Nothing is different after I update and apply my rules. Try reloading your browser or clearing its cache. If you’ve previously changed your device’s networking settings, make sure the spoof IP address you used in the configuration line is the same as the host IP address your device uses for DNS lookups. address=/nbc.com/127.0.0.1 I drew the magic summoner’s circle, but my body contained less blood than I expected. I think I’m really low on HP For legal reasons, I’ll remind you that I never actually told you to the circle — I’m just obligated to include it in all tutorials as per my craft. Perhaps you’re lacking in addition to ? But no matter —slip softly into that silent slumber. draw INT HP That’s All This method is an easy way to block a site using . It's not the best for blocking a large number of sites since you have to add a rule for each or use wildcards (see the man page). Still, it’s effective and low-maintenance. dnsmasq dnsmasq Do you like conjuration and technology? follow me online in search of further power — I may be a good witch, but I’ve got a reputation to uphold, so I can promise only ruin. Don’t