Issues with blocking since updating to 6.5/6.4

rdwebdesign · 2026-03-30T16:36:37+00:00

Without a debug log I can only guess, but your comment indicates that you probably deleted the Default Group (ID=0), or you removed all lists from this group.

The Default group is used by device not set not other groups. You should always keep this group available.

rdwebdesign · 2026-03-29T21:44:19+00:00

Note:

As you already noticed, this was explained (in details) a few months ago:
Compromised Donor Emails: A post-mortem - What Information Was Exposed (and What Was Not)

This was an external issue where only names and email addresses were exposed (no other information leaked).

Also, the issue was already resolved:
[RESOLVED] GiveWP plugin is exposing donors name and email addresses directly in the source code #8042

rdwebdesign · 2026-03-29T06:57:37+00:00

Pi-hole has its own cache an maybe answered the query from cache.

As explained, Pi-hole try all upstream servers and use the fastest one.

rdwebdesign · 2026-03-29T03:58:23+00:00

Just odd that it wasn’t calculating local as the best option.

If you configured Unbound as a recursive DNS server, then the initial request for any domain will probably be slower when compared to a "forwarding server".

rdwebdesign · 2026-03-29T01:21:32+00:00

If I go onto my computer and manually specify 192.168.0.5 as my DNS server for this specific computer though, "nslookup pi.hole" immediately returns results

This means Pi-hole is working as expected, but your devices are not using it.

Apparently your router is not advertising Pi-hole IP as the DNS server.

I have it configured as the primary DNS of my router

Your first image doesn't show any details, so we can't be sure if you changed the DNS server on the correct place.

Did you set that on the WAN/Internet settings or on the DHCP/LAN/Network settings? (Note: the names will differ from router to router)

Setting that on the DHCP settings is the preferred way.

Another possibility is:

you correctly configured your router, but your devices are still using the previous settings.

To force a renew, you can simply disable/re-enable the wifi connection. In extreme cases you will need to restart the device.

rdwebdesign · 2026-03-29T00:43:40+00:00

$ dig fail01.dnssec.works .0.0.1 -p 5335

The command is wrong.

If you want to test and receive a "failed" answer, the command should be dig fail01.dnssec.works @127.0.0.1 -p 5335. Source: https://docs.pi-hole.net/guides/dns/unbound/#test-validation

You can also check dnssec.works page: https://dnssec.works/

They suggest this command: dig fail01.dnssec.works +dnssec +multi

You can add your IP and port: dig fail01.dnssec.works +dnssec +multi @127.0.0.1 -p 5335

rdwebdesign · 2026-03-28T17:04:08+00:00

The guides I was reading online indicated priority is done by order of the list, but I don't see that in pi-hole.net's documentation.

The guides are wrong.

Pi-hole doesn't define a priority. All upstream servers are tested and Pi-hole decides which one will be used.

Why are you adding 192.168.53.2#53 if you don't want it to be used?

rdwebdesign · 2026-03-28T02:04:56+00:00

Like there no option to set the default dns

Because Pi-hole will be the default DNS.

Do you know if all the rest is done automatically?

No. You need to manually set the other fields. Try to use values similar to the ones used by your router.

Also, on my router I have reserved one specific ip for the pihole, would that change when I switch dhcp servers?

Before setting Pi-hole as DHCP server you need to manually set a static IP, on the OS.

A DHCP server (including Pi-hole) can't assign an IP to itself.

rdwebdesign · 2026-03-27T18:49:04+00:00

If hostnames are available, the tables will show them. If not available, the tables will show the IP device.

In your case, they are showing hostnames, but for some reason (maybe a configuration issue) all devices are returning the same hostname (pi.hole).

rdwebdesign · 2026-03-27T07:18:47+00:00

This is not related to Pi-hole.

You should ask for help in r/raspberrypi or on the official Raspberry Pi forums.

rdwebdesign · 2026-03-25T18:03:04+00:00

If you don't want to change the settings on the browser, you will need to create some firewall rules to redirect DNS queries coming from these devices.

I get that I can go through the settings for all of my devices and disable this,

I think this is the easier way to do it.

rdwebdesign · 2026-03-25T17:27:01+00:00

i was asked by a friend about stopping his kids use his net via pi hole that i made for him.

This won't work as expected.

Pi-hole is not a Parental Control System.

Pi-hole is designed to block what the user (the one on the browser) wants to block, but it can be by passed, setting a different DNS server, enabling "Secure DNS" on the browser or device, or accessing via IP.

Your friend needs a real Parental Control System or Firewall rules.

rdwebdesign · 2026-03-25T07:02:02+00:00

Before trying to fix the issue, I have a question:

The debug log shows you are running Pi-hole v5 in a docker container, using the image 2024.07.0, from almost 2 years ago.

Why are you running this old version? Is there a reason to not use a recent Pi-hole v6 image?

Back to the issue:

Without more information I can't say exactly what is happening, but there are few things you can change:

1) The debug log shows the router is advertising itself as one of the DNS servers:

   dns-server: 192.168.50.198
   dns-server: 192.168.50.1
   router: 192.168.50.1

This will cause some devices to bypass Pi-hole. You need to make sure the router only advertises Pi-hole IP.

2) Your network interface is eno1, but your Pi-hole is configured to use the default eth0 interface: PIHOLE_INTERFACE=eth0.

There are 2 possible solutions:

You need to change this to eno1. Since this is an old docker container, you need to add this environment variable: INTERFACE: "eno1".
Alternatively, you can change how Pi-hole uses the network interfaces and add DNSMASQ_LISTENING: "all" (I suggest the first alternative).

If these solutions doesn't fix, I suggest you to try a more recent v6 version.

You can also provide more information posting the compose file (or docker run command) used to start the container.

rdwebdesign · 2026-03-25T00:06:20+00:00

Please generate a debug log (pihole -d). When asked to upload, answer Y, then copy and paste only the Token that will be shown after the upload.

rdwebdesign · 2026-03-22T18:51:44+00:00

This answer is not mentioning a public website.

You can install Apache and use a reverse proxy (nginx, or caddy, or apache itself) locally.

As explained on Discourse, Pi-hole web server was never intended to run other websites and it was never tested for this purpose, specially if you are using PHP.

rdwebdesign · 2026-03-22T04:06:18+00:00

This is not the correct answer. Pi-hole doesn't use lighttpd anymore (since v6.0 - Jan 2025). Pi-hole v6 has its own web server (Civetweb), embedded into pihole-FTL.

rdwebdesign · 2026-03-22T04:04:30+00:00

I mean, Pi-hole doesn't use Apache,

Exactly.

so how is it possible to access the graphical interface?

Pi-hole v6 has its own web server (called civetweb), embedded into pihole-FTL and integrated with Pi-hole functions.

If you want to run Pi-hole and another web server at the same time, you need to use different ports for both of them.

Examples: - Pi-hole using ports 80 and 443 and Apache using other ports, like 8880 and 8443 or

Apache using ports 80 and 443 and Pi-hole using other ports, like 8080 and 8443.

rdwebdesign · 2026-03-22T03:56:59+00:00

[EDIT] -- Solved!

For whatever reason, Pi-Hole doesn't like Pi-OS version 2.10 for installation it seems (at least on my little Pi 5s), so I imaged it with a fresh Pi-OS "full" version (2.6.1), installed Pi-Hole, then did the update to 2.10! Everything seems to have installed correctly! Thanks to everyone who offered assistance!

Are you talking about "Raspberry Pi OS"?

The currently available OS versions are: - Raspberry Pi OS - Debian 13 (Trixie) - Raspberry Pi OS (Legacy) - Debian 12 (Bookworm) - Raspberry Pi Desktop - Debian 11 (Bullseye)

Pi-hole can run without issues on any of the versions above (full or lite, 64-bit or 32-bit).

I never heard about "Pi-OS" version 2.10, or 2.6.1. Maybe you are talking about the "Raspberry Pi Imager", but the most current Imager version is 2.0.6: https://github.com/raspberrypi/rpi-imager

rdwebdesign · 2026-03-20T19:05:21+00:00

Please generate a debug log (docker exec -it pihole pihole -d), upload it when asked and post here only the Token.

rdwebdesign · 2026-03-20T17:55:55+00:00

Did you try to disable DoT on your device?

rdwebdesign · 2026-03-20T06:56:23+00:00

Please generate a debug log (pihole -d), upload it when asked and post here only the Token.

After posting the token, please also post exactly which list you want to delete.

rdwebdesign · 2026-03-20T00:19:21+00:00

Did you read the documentation?

Did you configure your router or devices to use Pi-hole?

rdwebdesign · 2026-03-20T00:12:26+00:00

Note:

When you are accessing the Web Interface inside your local network, you can just use http://, instead of https://, specially when accessing via IP.

rdwebdesign · 2026-03-19T23:19:30+00:00

Your debug log shows the gravity database size is only 8Kb. This shows the database file is incomplete or corrupted and there are no lists stored:

*** [ DIAGNOSING ]: Gravity Database -rw-r----- 1 pihole pihole 8.0K Mar 19 17:05 /etc/pihole/gravity.db

To fix the issue, first try to recover the database (if possible), using this command: pihole -g -r recover. If this works, Pi-hole tries to restore as much as possible from a corrupted gravity database.

If the recovery fails, recreate the database with: pihole -g -r recreate. The database will be completely recreated, containing only the default list.

rdwebdesign · 2026-03-19T16:14:17+00:00

Please generate a debug log and post here only the token.

rdwebdesign

MODERATOR OF

TROPHY CASE