Hi,
read the FAQ about DNS-rebind protection, but that's AFAIK mostly about when pi-hole is the upstream server for another DNS (e. g. on your router) that has DNS-rebind protection enabled.
Now, if I enable DNS-rebind protection in pi-hole, I'm getting DNS-rebind warnings for certain FQDNs blocked by gravity (interestingly not all by far), presumably because they result in 0.0.0.0.
Nov 27 14:27:02 dnsmasq[722]: possible DNS-rebind attack detected: stats.gc.apple.com
Nov 27 14:27:03 dnsmasq[722]: possible DNS-rebind attack detected: stats.gc-apple.com.akadns.net
Nov 27 14:27:03 dnsmasq[722]: possible DNS-rebind attack detected: stats.gc-apple.com.akadns.net
$ dig stats.gc.apple.com +short
0.0.0.0
I mean, it's no big deal for me, because my upstream DNS is a local unbound resolver, and I can just do the DNS-rebind protection, there.
I'm just wondering, for people who don't have that and still want DNS-rebind protection, couldn't pi-hole realize that it's blocked the request and it's not a result from a malicious upstream DNS server?
Cheers,
C.