I also use a pi-hole, but I have had to mess with the configuration and troubleshoot things so often that I don’t feel comfortable recommending it to non-technical people.
I also think the average person is more likely to need this on a cell phone almost exclusively.
>I don’t feel comfortable recommending it to non-technical people.
Everybody is so "¡wow cool!" about Pi-Holes, until a desired website breaks... and then DNS-filtering gets temporarily disabled, typically forever.
So definitely requires a semi-technical person to maintain complex lists... my home network features separate PiHoles: one is default issued, via DHCP (with minimal blocklist), primarily for guests/IoT/fallback; the second filter is manually-configured as DNS on only my devices (it breaks just about anything I haven't whitelisted).
This allows a third option, which has users manually entering their router IP as DNS (bypassing all PiHoles, relying upon ISP's upstream DNS resolution)... but if you don't manually set a DNS, the DHCP still resolves to a minimal seven-rule blocklist.
----
There is apparently a method of using pfsense to capture all network DNS requests and then run them through a default local resolver... but I found it easier to just use DHCP to issue local DNS IP (am only semi-technical, myself).
I also think the average person is more likely to need this on a cell phone almost exclusively.