Pi-hole: Block page is only showing on "unsecure" pages

Created on 27 Feb 2018  路  1Comment  路  Source: pi-hole/pi-hole

In raising this issue, I confirm the following: {please fill the checkboxes, e.g: [X]}

How familiar are you with the source code relevant to this issue?:

1


Expected behaviour:

Block page showing on HTTP & HTTPS requests.

Actual behaviour:

Block page only shows on HTTP, not HTTPS requests

Steps to reproduce:

1) Make sure the device you are using is routed through a Pi Hole DNS.

2) Go to a blocked site, whether it be blacklisted manually or from a list (for this example, we are using t.co)

3) Go to the site using HTTP, you should get a page like this (CSS or something seems broken, but that's not what we are focusing on right now.) <a href="http://t.co">http://t.co</a> being blocked

4) Now try going to the site using HTTPS. Instead of a block page, you are just given a connection error. Now this is an issue considering most sites use HTTPS and this simply gives a false understanding to the user. <a href="https://t.co">https://t.co</a> showing connection error

Debug token provided by uploading pihole -d log:

0mxms9cw9u

Troubleshooting undertaken, and/or other relevant information:

N/A

Not a bug

Most helpful comment

This is as intended, you can not intercept HTTPS/TLS traffic without presenting a TLS certificate in the name of the site. This is not operationally feasible and would be considered a breach of security as a man-in-the-middle attack.

>All comments

This is as intended, you can not intercept HTTPS/TLS traffic without presenting a TLS certificate in the name of the site. This is not operationally feasible and would be considered a breach of security as a man-in-the-middle attack.

Was this page helpful?
0 / 5 - 0 ratings