YouTube Domain Redirection to Local Server Not Working in Browser, but Successful via Command Line

syushi2 · August 16, 2024, 8:16am

I have configured Pi-hole to redirect the youtube.com domain to the IP address of my local server. The purpose is to ensure that when I access YouTube, it redirects to my local server where I can only watch videos that have been previously downloaded.

Configuration:

Changed the DNS record for "youtube.com" to point to "192.168.0.91" (my local server's IP).

Expected Behavior:
When accessing YouTube via a web browser, it should redirect to my local server.

Actual Behavior:

Browser access:
- Initial attempt resulted in "ERR_CONNECTION_REFUSED" error.
- After clearing Windows DNS cache and using a fresh Firefox installation, the error changed to "Unable to connect successfully."
Command line access:
- Running "curl youtube.com" in a command prompt works as expected, successfully connecting to the local server.

Troubleshooting steps taken:

Cleared Windows DNS cache
Tried with a fresh installation of Firefox

I'm puzzled by the discrepancy between browser and command line behavior. Any insights or suggestions for further troubleshooting would be greatly appreciated.

Debug Token: https://tricorder.pi-hole.net/tbD16Uzg/

Bucking_Horn · August 16, 2024, 8:33am

Redirecting to a page does not work with HTTPS, as the client browser will treat the missing or incorrect certificate as an error and never render the page.

For that very reason, with growing proliferation of HTTPS, being almost ubiquous today, Pi-hole has long switched to NULL-blocking as default, and support for the block page was finally dropped about two years ago.

syushi2 · August 19, 2024, 10:19am

Thank you for your explanation. I understand the challenges with HTTPS redirection now.

I'm considering using a self-signed certificate that would be valid only within my local network. Would this approach potentially solve the issue?

Specifically, if I set up HTTPS on my local server (https://192.168.0.91) with a self-signed certificate, and then configure Pi-hole to redirect youtube.com to this HTTPS address, would that allow the browser to connect without security errors?

Thank you for your time and expertise.

Bucking_Horn · August 20, 2024, 6:12am

Likely not, if you don't have control over any of your clients to accept that unofficial certificate, and certainly not if the site you are trying to impersonate would employ certificate pinning.

syushi2 · August 20, 2024, 10:37pm

Thank you for your clear explanation.
I appreciate the insights into the challenges with this approach.
I'll explore alternative methods to achieve my goal. Your information has been very helpful in guiding my next steps.

system · September 10, 2024, 10:38pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.