-
-
Notifications
You must be signed in to change notification settings - Fork 211
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lighttpd doc #824
base: master
Are you sure you want to change the base?
lighttpd doc #824
Conversation
✅ Deploy Preview for pihole-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
80861fa
to
4350c7e
Compare
I've not done a full read of this yet, but it may be worth adding a link the new page in the |
Makes sense. Noted. I'll wait for some more feedback and then will make a batch of doc changes. When I recently read the pi-hole code and wrote |
While in the doc here, I see that there is a reference to ESNI. That has been replaced by ECH, for which support is currently available in numerous browsers, and support is actively being developed at some CDNs and in some server-side TLS libraries. Will pi-hole support generating bogus DNS RRs for ECH keys? I am still learning about ECH, too, ... |
The default Pi-hole blocking mode (serving the null addresses) turned out to have the best cross-system compatibility (we tested Linux, Windows, Mac OS, a few Android versions, iOS, and a few embedded devices). Still, people are free to experiment themselves. The only option where they might reach the
Do you have any reference for this? Note that
That's not a thing. Compared to ESNI, there is no DNS involved in ECH handshakes. Also, this isn't really necessary. As we can already block the first DNS query, there is no way the handshake can even occur in the first place. |
I am not sure what references would satisfy you. Here is one from almost two years ago:
Yes, ECH is still a draft. That is why I wrote the sentence:
"actively being developed" is the phrase I wish to highlight to you. ECH is the successor to ESNI. However, given that ESNI support is still marked experimental in browsers and to my knowledge not enabled by default (if still supported at all), is the section of the pi-hole doc referencing ESNI still relevant to non-highly-technical users?
Related to That said ...
Thank you for that answer. I'll conclude that it is not worth pondering further unless new use cases come up. |
Signed-off-by: Glenn Strauss <[email protected]>
@yubiuser would you please ask again for others to review? It is approaching a year since you last requested that others review. Thanks. |
What does this PR aim to accomplish?:
lighttpd doc
document how to use lighttpd with deprecated or removed pi-hole features (such as BLOCK_IPV4, BLOCK_IPV6) to pave the way for future pi-hole releases to be less-invasive with regards to overwriting the system-provided lighttpd.conf.
Link documentation PRs if any are needed to support this PR:
pi-hole/pi-hole#5066
By submitting this pull request, I confirm the following:
git rebase
)