Troubleshooting

Clear DNS Cache

Cache is automatically cleared by restarting the FTLDNS service.

Settings › Restart DNS resolver

Failed Upgrade

This may happen with major changes between pi-hole versions, especially with FTLDNS; which may leave the system with a permenant DNS server not started error.

Backup all files in /etc/pihole.

Reinstall the Pi-Hole server and setup vanilla. Then copy the following files to do a manual teleporter install. 5.x may be exported to 4.x flat files if needed. A teleporter install in 5.x will not carry over all settings.

Teleporter Install

Location

Purpose

/etc/hosts

Hostname resolutions

/etc/pihole/gravity.db

PiHole list/group/client settings

/etc/pihole/dhcp.leases

Current DHCP leases (optional)

/etc/pihole/pihole-FTL.db

SQLite DNS resolution log (optional)

Updated: None

Warning

setupVars.conf, pihole-FTL.conf and anything in dnsmasq.d are probably different if the upgrade failed. Diff these and make a determination to copy.

Restart Pi-Hole.

Force HTTPS Admin Page

HTTPS should only be enabled for the FQDN of the Pi-Hole server; as the server is redirecting traffic, you may get a bunch of cert wonkiness when DNS resolves return blocked domains.

Create a combined certificate.
sudo cat privkey.pem cert.pem | sudo tee combined.pem
sudo chmod www-data -R combined.pem

Note

This contains private information and should not be placed in a web directory.

0644 root root /etc/lighthttpd/external.conf
$HTTP['host'] == 'pihole.example.com' {
  # Ensure the Pi-hole Block Page knows that this is not a blocked domain
  setenv.add-environment = ('fqdn' => 'true')

  # Enable the SSL engine with a LE cert, only for this specific host
  $SERVER['socket'] == ':443' {
    ssl.engine             = 'enable'
    ssl.pemfile            = 'combined.pem'
    ssl.ca-file            =  'fullchain.pem'
    ssl.honor-cipher-order = 'enable'
    ssl.cipher-list        = 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'
    ssl.use-sslv2          = 'disable'
    ssl.use-sslv3          = 'disable'
  }

  # Redirect HTTP to HTTPS
  $HTTP['scheme'] == 'http' {
    $HTTP['host']          =~ '.*' {
      url.redirect         = ('.*' => 'https://%0$0')
    }
  }
}
Restart services.
sudo service lighthttpd restart

Reference