Hi, www.bahn.de is very, very slow and it is still the same problem (PiHole Limits Functionality- How to Fix?) and it's definitely pi-hole.
If I deactivate pi-hole, then the bahn.de site works wonderfull. As soon as pi-hole is activated, the pages takes ages.
Chrome, Edge, Firefox - all the same issue.
I was able to fix it by rejecting https-requests.
Add a filter rule on your Pi-Hole (or the router in-between) which reject (not blocks!) https-requests to the pihole-host.
@MontgomeryB Just out of curiosity: Do you use any non-standard blocking lists? I cannot see any issues with their page with only the standard lists and no explicit HTTPS rejection rules.
Very weird - I just tried it again and it works flawlessly for me (I'm using the Fahrplanauskunft several times a week). As said, I have no firewall rules in place on my Pi-hole.
@MontgomeryB
I do not really remember, to be honest.
It was during my first days with pi-hole. I realized very quickly of having issues with (partially) https:// sites. For http there was no issue as Pi-hole properly send some small pics instead of the orignial ad. But obviously Pi-hole could not answer https-requests (as it would have to generate a valid https-certificate to prevent the browsers from mocking).
At this time the request just timed out trying to access https://ip-of-pihole/ which took ages and often brought the whole page down. There was no one replying to https-requests.
Instead of getting just no answer and waiting for ages (default behaviour) I decided to let the browser know about the fact no one will reply. So the browser knows immediate about "no reply".
So I created a filter rule on the Pi-hole which simply REJECTs (instead of BLOCK) any request to http-Port 443 to the Pi-hole server.
So now the browser gets an immediate reply and knows very quick about not being able to get the requested element (which is an ad because of the IP). and displays all other elements properly.
Since I did this change Nearly every site is running fine and fast.
Ah, that may be the difference then. I'm directly getting this when trying to access htps://pi.hole
and it should actually be standard when you have no firewall enabled.
@MontgomeryB What device did you install your Pi-hole on?
The following assumes that you are running Raspbian on a Rasbperry Pi (or similar) and have no firewall rules installed. If this is not true we have to negotiate how to properly set up your firewall, but that shouldn't be a big deal!
Solution for Raspbian: Check you actually have n firewall rules installed. Use sudo iptables -L --line-numbers, it should show something like
Chain INPUT (policy ACCEPT)
num target prot opt source destination
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
if there is anything more, we'll most likely have to deal with that differently.
If there are no firewall rules, you can straightforwardly add the HTTPS REJECT rule like this:
iptables -A INPUT -p tcp --dport 443 -j REJECT
If you also use IPv6, add an IPv6 rule as well:
ip6tables -A INPUT -p tcp --dport 443 -j REJECT
Thanks, same to you (btw, I have never used first class with DB so far )
Note that setting the values to 0.0.0.0 instead of only installing the proper firewall rules may have unintended side effects as the blocking page and maybe even the Pi-hole dashboard being not reachable any more.