diff --git a/dnsmasq.d/01-you-dont-need-pihole.conf b/dnsmasq.d/01-you-dont-need-pihole.conf
index aff8213..3bf4709 100644
--- a/dnsmasq.d/01-you-dont-need-pihole.conf
+++ b/dnsmasq.d/01-you-dont-need-pihole.conf
@@ -11,21 +11,27 @@
 # You may NOT use this software for commercial purposes.
 ###############################################################################
 
-# Do not load /etc/hosts as a dataset for replies. (By default dnsmasq performs
-# an implicit "addn-hosts=/etc/hosts"; this prevents it.)
-no-hosts
-
 # Add our block lists
 addn-hosts=/etc/you-dont-need-pihole/local.list
 addn-hosts=/etc/you-dont-need-pihole/custom.list
 addn-hosts=/etc/you-dont-need-pihole/block.list
 
-# Return answers to DNS queries from /etc/hosts.
-#localise-queries
+# Never forward addresses in the non-routed address spaces.
+bogus-priv
 
 # In-memory cache size.
 cache-size=10000
 
+# Never forward plain names (without a dot or domain part)
+domain-needed
+
+# Do not load /etc/hosts as a dataset for replies. (By default dnsmasq performs
+# an implicit "addn-hosts=/etc/hosts"; this prevents it.)
+no-hosts
+
+# Return answers to DNS queries from /etc/hosts.
+#localise-queries
+
 # Don't log queries - only startup/shutdown messages. (Un-comment this option
 # for debugging.)
 #log-queries
@@ -44,5 +50,7 @@ no-resolv
 
 # For non-blocked DNS queries, telephone the request thru Google's global DNS
 # server.
+server=2001:4860:4860::8888
+server=2001:4860:4860::8844
 server=8.8.8.8
 server=8.8.4.4
diff --git a/make-block.pl b/make-block.pl
index 1ac0d8a..425eafb 100755
--- a/make-block.pl
+++ b/make-block.pl
@@ -69,7 +69,7 @@ sub read_stripped {
 
 MAIN: {
     my $out;
-    my $block_ip = '0.0.0.0 ::1';
+    my $block_ip = '0.0.0.0 ::';
     my $workdir = $FindBin::RealBin;
 
     unless (&GetOptions(