Pfblockerng causing browser security alert

Hi, new to pfsense and need help! had pfblockerng-devel successfully blocking sites. But users are complaining that google ads and other sites are getting security alerts. Firefox indicates that google services encountered an HSTS error and cannot connect. Any help is appreciated! Thanks.

Check the logs to see what is getting blocked. But you will probably have to turn down the blocking because like most people who first start out using it, you are blocking too many things.

Thanks, I will take a look at that. Also, the exact Firefox warning I get is:
Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for pixel.everesttech.net.

Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

From what I’m reading and I may be wrong, I often am! lol - the browser doesn’t like the self signed cert. Must the self signed cert be installed on the local machines for this to work properly?

if the site was HTTPS and pfblocker blocks that site, you will get a certificate error because it will give the E = dnsbl@example.com instead of the site that blocked it. There is not really any easy work around for that.

1 Like

Thanks Tom, the default list was indeed blocking googleservices sites. Thanks for helping!

I’ve just come around this thread because I also get these Certificate Errors.

TBH I want those Sites to be blocked but I would also like to see the Block Page instead of a Certificate Error :smiley:
I’ve read somewhere to send the DNS request down the drain to 0.0.0.0 instead of the PFBlocker VIP Site but this also doesn’t fix the Issue it just doesn’t load the Site right?

NVM just read some more Posts about that Issue and it doesn’t seem feasible…altough I would really like to see the block page :confused:

If just PFBlocker would allow to insert a CA which get added to the requests…then it would be possible to install those CA’s on the Clients and voila…Block Site get’s shown…I guess