I've been using pi-hole for months without issue. Recently (the past couple weeks?) I've been seeing pages "hang" or timeout while waiting for a response from particular ad servers. This seems to be very common on "discussion forum" sites e.g. AVSForum.com. It makes these sites difficult if not impossible to use.
I have zero issues visiting avsforum.com with enabled Pi-hole. Which operating system / browser do you use? Does it happen on all client devices within your network?
Windows 10: Chrome 55 and IE 11. Edge does not seem to exhibit this behavior.
I can try other devices when I get home tonight if that will help troubleshoot the issue.
Thanks. It is interesting to see that it does not happen on all browsers, so it seems to be a client side problem. We will nevertheless try to figure out how to solve it.
I tried your link as well - everything fine here. However, we have seen that ads might be served depending on your Geolocation (which is West-Germany at my end) so that might explain the deviation.
Unfortunately we cannot serve HTTPS out of the box since we can not provide valid certificates for ads domains. You can look around on Discourse for solutions, but it is not supported officially.
I'm sorry I don't understand what is the issue with HTTPS
Pihole is a DNS server, not a proxy server? Or is it because it mixes a DNS + webserver?
If that's the issue, instead of displaying an 'index' file, can't I just redirect connections to 127.0.0.1 as would do hosts file?
Furthermore: why am I, with "sock", the only one concerned by this issue?? Every page that loads some (blacklisted) ads over HTTPS should be concerned!
If every ad server switches to HTTPS, pihole will become completely inoperative and timeout every page?? :s
EDIT 1:
Can I use this kind of solution to bypass HTTPS certificate issues with self signed certificates? https://www.cyberciti.biz/tips/howto-lighttpd-create-self-signed-ssl-certificates.html
I only use pihole in my house, and if I have to add the certificate on every of my devices for it to work (without hours of work), I will. Slowing down a lot of websites is hardly a viable option.
EDIT 2: A SOLUTION
I fixed the issue using a self-signed certificate, now the https ads are instantly blocked. To achieve this, I followed this guides (french links but the commands are self explained)
We still block HTTPS ads, just for some reason your install is timing out on HTTPS ads. The reason that HTTPS ads return that error instead of displaying the block page is that since we redirect the request for example.com from the original server to Pi-hole, the browser does not receive the correct security certificate and correctly assumes that there's some misdirection going on. This is a security feature, but either way the ad is still blocked. You probably could get around it with a self-signed wildcard certificate, but that opens up loads of security concerns and is not recommended.
I think I might have spotted the issue:
I run the pihole in a docker container, with specific ports forwarded. Before installing a self signed certificate, I only forwarded port 80 and port 53.
docker run -p 53:53/tcp -p 53:53/udp -p 80:80
When I installed the certificate, I also added port 443. Maybe its that part that fixed the issue! As the port was closed, the connection always timed out!