Hi, I am using pi-hole to block my kids from going to certain sites. Today, one of them was bragging she can play a game when that site should have been blocked. Turns out she installed a free vpn extension on chrome which bypasses pi-hole or at least encrypts the traffic which prevents pi-hole from doing its job.
Is there a way to prevent this circumvention of pi-hole? Thank you!
Try to discover the domain that the app makes the request, and make the block via REGEX. however, it will be an endless search due to the amount of VPN's available.
You can also use an alternative OpenDNS configuration, where the word VPN is blocked.
Currently, I uninstalled the vpn extension and block the various free vpn sites so a new one can’t be downloaded, but as you suggest, it’s an endless search since there are so many of them. For some reason, when I look at the pi-hole log when vpn is enabled, I don’t see any entries originating from that pc/iOS device (My child installed the vpn extension on both the pc and iPad).
Your suggestion is better, but I can’t seem to find the server the vpn extension is reaching out to...
Is there a way to setup pi-hole so that all encrypted traffic is blocked?
No. Pi-hole sees only domains and is unaware of the method of connection after the domain name is resolved to an IP.
it may be that the device has not obtained the DNS for use by Pihole. Since you have access (logical hahaha) to the device, check it out.
Hi, I do have access...my setup is I use PFsense as my router and for the pc’s and devices my kids use, pfsense will use Pi-hole as the DNS. So I was thinking that because of the encryption, pi-hole is not recognizing the dns calls as such and letting them pass. Or probably more likely, pfsense is not recognizing the dns calls as such such and not redirecting them to pi-hole.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.