Using the internal web server, can the successful Pi-hole blocks be routed to a single web page/address that indicates that it was Pi-hole that did the work? I find it confusing on the user browser what has been blocked or failed (typo, Pi-hole, DNS, uOrigin, etc). So, if Pi-hole blocks, the browser is sent to a page that says something like "Blocked, courtesy of Pi-hole!"
If it matters, I'm using Pi-hole (5.9, FTL 5.14, web interface 5.11) on Raspberry Pi 2 with DietPi (8.1.2)
You could experiment with one of Pi-hole's outdated IP blocking modes.
However, that would only work with HTTP sites.
Since the vast majority of sites today is HTTPS, Pi-hole has long since switched to NULL blocking as default.
Thanks. That's good food for thought with NULL and security.
So, looking at the Steven Black list that is provided with Pi-hole (suggested default in a sense), I see the lines
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
127.0.0.1 local
255.255.255.255 broadcasthost
::1 localhost
::1 ip6-localhost
::1 ip6-loopback
fe80::1%lo0 localhost
ff00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
0.0.0.0 0.0.0.0
This maintains the system's loopback (127.x.x.x) but also that line there regarding 0.0.0.0. That's the NULL, correct? The other lines, where blocking is provided, are formatted in the list as "0.0.0.0 wizhumpgyros.com".
If that line ("0.0.0.0 0.0.0.0") were to be something like "0.0.0.0 127.0.0.2", could we configure the local web server (lighttpd) to deliver a custom page on that 127.0.0.2 address? Without losing https security.
No. Pi-hole strips out the leading IP addresses and keeps only the domains in gravity.
Thanks. I was wondering the difference I see in the lists' formats.
Some lists are formatted and published for use as HOSTS files, which is why they include the leading NULL or loopback IP. Others are formatted for adblocker use only. Pi-hole can handle either format.
You'll save several megabytes per file downloading lists without leading 0's. Some are labeled 'nl'.
Regarding the block page, my experience is the behavior is very inconsistent.
Some pages say a message from pi-hole and many many others just say "could not connect". It seems to be related to how the website is stored, whether it is from the query log, or if it is in a specific blocklist file. I"d love to see this page for all blocked domains.
We download the lists with gzip compression. Not saving much of anything. And if your lists are in the range that you would save several megabytes then it's a vastly bloated list to begin with.
Yep, sites using HTTPS will not work with the block page due to the nature of HTTPS/TLS encryption. That's why the block page is being deprecated.