Hello Pi-hole Community,
I'd like to initiate a discussion on the possibility of making secure access to Pi-hole outside the home more seamless by exploring the implementation of DNS over TLS (DoT) and DNS over HTTPS (DoH) for specific clients, such as Private DNS on Android or Secure DNS settings in Mozilla Firefox and Google Chrome.
Context:
Pi-hole has proven to be a powerful tool for ad-blocking at the network level, providing a cleaner browsing experience. However, ensuring privacy and security in DNS queries becomes crucial when users are outside their homes. Integrating support for DoT and DoH on clients can be an effective solution.
Benefits:
- Privacy on the Go: By implementing DoT and DoH on clients, such as private DNS apps on Android or secure DNS settings in browsers, users can ensure privacy even when on external networks.
- Enhanced Security: DNS traffic encryption provides an additional layer of security when accessing Pi-hole remotely, reducing the risk of data interception on public or potentially insecure networks.
- Reliable Access to Pi-hole On the Go: Users can securely access their private DNS hosted on Pi-hole, ensuring that the benefits of ad and tracker blocking extend beyond the home network.
- Flexible Configuration: Direct implementation on clients allows for flexible configuration, enabling users to choose which devices and applications should utilize DoT or DoH, adapting to their specific needs.
Potential Challenges:
- User Awareness: Ensuring users are aware of the benefits of implementation on their devices and how to configure these options effectively.
- Compatibility with Different Clients: Considering the variety of clients and operating systems to ensure a smooth and compatible implementation across different platforms.
Community Questions:
- How do you perceive the implementation of DoT and DoH on clients as a valuable extension for Pi-hole?
- What are the most significant benefits of allowing users to securely access their Pi-hole outside the home?
- Have you configured secure DNS on your devices and browsers? What were your experiences?
- What challenges do you anticipate in the implementation, and how can these challenges be effectively overcome?
Let's share insights on how we can enhance the accessibility and security of Pi-hole, especially when we're away from our home network! Additionally, considering the challenges of adapting the Nginx server on ARMHF hardware, such as the Raspberry Pi 1, due to the lack of updates in this architecture, integrating these features directly into the Pi-hole construction becomes even more compelling. This can offer a more straightforward solution for users, especially those dealing with older hardware limitations.