I do not think there is something amiss with my setup or a bug, I am just wondering if I am doing something wrong.
My pi-hole has a list of, naughty, sites to block in the household but I discovered a loophole. If the url is directly accessed, it gets caught and blocked by my pihole. However, if I search for the one of the sites in for example bing, and access the site there, it gets let through. After that the site is fully accessible.
This is a screenshot of the log. It's for the exact same URL. This is the moment where I clicked the link from the search results in bing. First it is blocked twice, then it accepts it.
Why?
There is a difference between "www.domain" and "domain". If you search for "domain", and Bing returns "www.domain", and only "domain" is on a block list, then "www.domain" will get through.
Ah yes exactly. Just as I hit submit I realized the problem. I wanted to delete my post but couldn't. Thanks for the answer, I will see what I can do to block the domains proper.
This would keep the kids from doing what you described. I also had a way to enforce dns so they could not manually enter a different dns server in their devices to bypass this.
If you search for how to enforce safe search you will find more info that may be helpful.
I was able to do this via iptables in the router. This would lock down the kids dhcp dns to what is specified in the router, in my case OpenDNS. You can also make rules to bypass this at the same time for devices you don't want or need to block.
In this example all dns is locked down with the exception of a few IP's that I didn't need the restrictions on. You may have to adjust these to your own equipment.
Here is the website that helped me figure this out:
But I have a fritzbox
Will ask this at AVM to see if similair can be done.
Probably not as it will break all internal DNS traffic as well.
The dns traffic always flows through the fritzbox as it is my WAP.
