Commit graph

42 commits

Author SHA1 Message Date
Glenn Strauss
dafc9983f5
lighttpd include external.conf using file glob
lighttpd 1.4.40 and later support 'include' using file glob

(The prior code for compatibility was presumably for Debian Jessie
 and earlier, now obsolete.  Debian Stretch -- currently oldstable --
 ships with lighttpd 1.4.45)

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-12-18 12:52:58 -05:00
Neill Wolf
d245226053
set X-XSS-Protection headers to 0 in lighttpd.conf
Signed-off-by: Neill Wolf <neillawolf@gmail.com>
2022-12-16 16:01:35 -06:00
Christian König
7e6f81f814
Add comment in lighttpd.conf how to change the server port
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-09-17 12:00:33 +02:00
DL6ER
f418481b9f
Add security-related headers to Pi-hole web interface
Signed-off-by: DL6ER <dl6er@dl6er.de>
2022-08-06 15:35:01 +02:00
Christian König
dae96e7384
Change lighttpd log file names
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-05-29 21:04:18 +02:00
RD WebDesign
ab7d83384f Allow lighttpd to stream responses to browser
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
2022-03-15 15:33:56 -03:00
Christian König
28085cf7d8
Merge iFrame exceptions
Signed-off-by: Christian König <ckoenig@posteo.de>
2021-12-17 10:08:16 +01:00
Christian König
2eff53b2bb
Allow qr code iframe
Signed-off-by: Christian König <ckoenig@posteo.de>
2021-12-10 07:17:53 +01:00
Christian König
8d6ce78c65
Allow qr code iframe
Signed-off-by: Christian König <ckoenig@posteo.de>
2021-12-10 07:09:42 +01:00
Adam Warner
f8af1a1baa
Allow iFrame for teleporter.php, see https://github.com/pi-hole/AdminLTE/pull/1231
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2021-10-07 00:16:07 +01:00
MichaIng
3ef90a9e47 Remove ineffective Access-Control-Allow-Origin header
The Access-Control-Allow-Origin header has only relevance, when a resource is loaded from an external host, so one that does not match the host of the primary loaded website. As the fonts are reasonably loaded via local URLs without hostname or scheme from the blocking page style sheet, they are never seen as external resources, regardless whether the blocking page is shown to the browser from a blocked domain or from the Pi-hole domain/IP.

For reference: https://github.com/pi-hole/pi-hole/issues/3462

Signed-off-by: MichaIng <micha@dietpi.com>
2021-08-13 20:42:51 +02:00
Daniel
31a096dec2
Remove mod_compress (mod_deflate) from lighttpd to provide backwards compatible support for Debian Bullseye (11)
Signed-off-by: Daniel <daniel@developerdan.com>
2021-07-07 13:31:59 +00:00
mtzfederico
e5bfafefb9 Moved where external.conf is included
Signed-off-by: mtzfederico <fm@mtzfederico.com>
2021-01-22 15:53:40 -06:00
XhmikosR
cf1c1e2e7e Tweak lighttpd configs
* Compress more types
* Add charset=utf-8 in more text types
* Use proper media types
* Add default expire header
* Use consistent indentation

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2020-07-02 12:28:26 +03:00
XhmikosR
d90313fe4d Fix/tweak blocking page
* fix favicon
* add meta charset
* add html lang
* add a page title
* remove unneeded html end tags
* fix viewport tag to allow zooming
* compress the "blocked by Pi-hole" SVG
* remove trailing spaces
* switch to double colon pseudo elements (works from IE9 and newer)
* add missing vendor prefixes
* other minor tweaks
* add `Access-Control-Allow-Origin` header to all font types

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2020-05-31 15:54:11 +03:00
MichaIng
5c17e41cf1 Start pihole-FTL after network
"$network" on a systemd-driven OS leads to "After=network-online.target" in the generated systemd unit.
This target is no guarantee that all network interfaces have been fully configured, as it depends on the related network services types, but at least it reduces the risk that those have not fully finished their job when pihole-FTL starts. If this is the case, certain issues can occur:
- https://github.com/pi-hole/pi-hole/issues/2924
- https://discourse.pi-hole.net/t/have-to-pihole-restartdns-after-reboot/28772

Runtime files are now consistently created in "/run" instead of "/var/run". The second is a symlink to the first for backwards compatibility but on none-ancient distro versions one should use "/run", systemd even prints a warnings if service files use "/var/run". The service file used "/run" and "/var/run" both, in cases for the same files/directories before, which does not directly cause issues currently, due to the symlink, but is inconsistent at best.

Signed-off-by: MichaIng <micha@dietpi.com>
2020-05-16 13:38:18 +02:00
XhmikosR
54d0b9a1b8 Serve JS files with utf-8 charset too
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2019-12-07 13:48:25 +02:00
Jeroen Baert
7b2ac25a52 Fix for 404 error when browsing to pi.hole (without /admin)
Signed-off-by: Jeroen Baert <3607063+Forceflow@users.noreply.github.com>
2019-07-01 03:42:02 +02:00
RamSet
b5af125be6 Removed line
Signed-off-by: RamSet <RamSet@gmail.com>
2019-06-25 15:45:01 -06:00
RamSet
ecc49318f0 Fixed MIME related issue present in lighttpd/1.4.53
Signed-off-by: RamSet <RamSet@gmail.com>
2019-06-25 15:45:01 -06:00
Mcat12
28cbf45d1d
Add explanatory comment for include_shell
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2018-10-30 21:52:42 -04:00
Adam Warner
f670644954
Revert "lighttpd conf enhancements" 2018-10-26 19:12:11 +01:00
Glenn Strauss
67bdcbcf19 lighttpd: slightly more efficient sample config
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2018-10-17 06:54:54 -04:00
Glenn Strauss
69b2a5a876 lighttpd: use file glob for optional external.conf
lighttpd 1.4.50 config parse will error if include_shell exits non-zero
and pi-hole sample config: include_shell "cat external.conf 2>/dev/null"
is an error if external.conf does not exist

Replace with: include "external*.conf"
file glob supported since lighttpd 1.4.40 and is not an error if there
is no file which matches the file glob

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2018-10-17 06:54:43 -04:00
WaLLy3K
2dabacd024 Fix minor typo
Signed off by WaLLy3K <wally3k@pi-hole.net>
2017-10-09 19:53:22 +11:00
WaLLy3K
288635abc9 Add comment for include_shell feature
* Capitalise first letter for Lighttpd
* Fix spacing
* Add comment for include_shell feature
2017-10-03 22:05:06 +11:00
Celly
f54a812ad5 Update access rules to block all root '.' files 2017-09-22 09:27:43 -04:00
Celly
e3e3b4da58 Add in some exclusions form some leaky files in the admin 2017-09-21 17:47:37 -04:00
WaLLy3K
7bcea98d0c Do not activate letsencrypt.conf if found 2017-05-02 17:28:51 +10:00
WaLLy3K
356c70cdae Update lighttpd.conf.debian
* Disable `include-conf-enabled.pl`, as blindly enabling HTTPS (as Let's Encrypt does by having a file in that folder) creates Block Page inefficiencies
* Make Block page handle JS request rewrite, allowing users to better utilise their `lighttpd` service
* Make Block page handle debugging Pi-hole header
* Make Block page redirect users from `pi.hole` to `http://pi.hole/admin`
2017-05-02 17:24:07 +10:00
Jacob Salmela
7a1a2dec67
update license to EUPL on core files 2017-02-22 11:55:20 -06:00
ProtoFoo
cd0b8927c5 Removed a line that did nothing. 2017-02-21 22:22:03 +01:00
ProtoFoo
b2d78edae9 Redirect pi.hole to pi.hole/admin/ 2017-02-21 20:36:59 +01:00
Adam Warner
a7def771c8 Revert "redirect pi.hole to pi.hole/admin" 2017-02-19 20:12:32 +00:00
Jacob Salmela
26cb6a1929
redirect pi.hole to pi.hole/admin 2017-02-11 20:46:27 -06:00
ProtoFoo
357f5a2cfd Add manual edit warning
Added text block from dns config file to warn user that manual changes to lighttpd config will be overwritten.
Slight cosmetic adjustments (tabs -> spaces).
2017-02-09 16:46:55 +01:00
DL6ER
b246dba7e7 Rename index.html to index.php 2016-12-04 21:41:26 +01:00
Jacob Salmela
473b58d26d Merge pull request #704 from stonedbovines/development
lighttpd.conf templates change
2016-10-27 20:22:46 -05:00
Eric Warnke
e2997b8135 Due to lighttpd bug 2526 the url.rewrite for javascript must be placed
outside of the $HTTP block or it will never evaluate.
2016-10-26 11:49:31 -04:00
Steve Dobinson
47cba83450 Update lighttpd.conf.debian
Allow for password protection (or other user-initiated options) without clobbering already chosen user options.
2016-09-20 10:34:21 +01:00
bcambl
62fa9c0f6e fixing whitespace 2016-06-11 15:58:48 -06:00
bcambl
6f2117d786 append '.debian' to lighttpd.conf for compatability 2016-06-11 15:58:48 -06:00
Renamed from advanced/lighttpd.conf (Browse further)