Hello dietpi community!
I am currently totally dispaired I am trying to set up pihole on DietPi and it does not work.
Spent already 3d x 4h… and still not working, so I decided to create an account and ask for assistance.
Used device: RPi 4, Mod. B, 4GB
DietPi: DietPi_v6.25_RPi-ARMv6-Buster
Problem: It seems that pihole is installed and configured properly, lighttpd is running but the admin and pihole web interface is not accessible. I only see the message: 403 Forbidden
root@DietPi:~# curl -I http://120.0.0.101/admin/
HTTP/1.1 403 Forbidden
Content-Type: text/html
X-Pi-hole: The Pi-hole Web interface is working!
X-Frame-Options: DENY
Content-Length: 341
Date: Wed, 20 Nov 2019 22:13:50 GMT
Server: lighttpd/1.4.53
I searched already the “whole” internet for a solution:
https://forum.armbian.com/topic/10564-pi-hole-admin-page-not-reachable-or-403-forbidden-error/
https://discourse.pi-hole.net/t/403-forbidden-solution-on-armbian-ubuntu-18-04-2/20519
https://github.com/pi-hole/pi-hole/issues/2129
https://www.reddit.com/r/pihole/comments/8gyc6p/403_forbidden_when_trying_to_access_admin_page/
But nothing helped.
Here is the output after pihole- d:
This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
The intent of this script is to allow users to self-diagnose their installations. This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected. Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.
NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.
*** [ INITIALIZING ]
[i] 2019-11-20:23:19:10 debug log has been initialized.
*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...
*** [ DIAGNOSING ]: Core version
[i] Core: v4.3.2 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.3.2-0-ge41c4b5
*** [ DIAGNOSING ]: Web version
[i] Web: v4.3.2 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.3.2-0-g38d8e77
*** [ DIAGNOSING ]: FTL version
[✓] FTL: v4.3.1
*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.53
*** [ DIAGNOSING ]: php version
[i] 7.3.11
*** [ DIAGNOSING ]: Operating system
[✓] Raspbian GNU/Linux 10 (buster)
*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected
*** [ DIAGNOSING ]: Processor
[✓] armv7l
*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
120.0.0.101/24 matches the IP found in /etc/pihole/setupVars.conf
[✗] No IPv6 address(es) found on the eth0 interface.
[i] Default IPv4 gateway: 120.0.0.1
* Pinging 120.0.0.1...
[✓] Gateway responded.
*** [ DIAGNOSING ]: Ports in use
[*:53] is in use by pihole-FTL
[*:53] is in use by pihole-FTL
[127.0.0.1:4711] is in use by pihole-FTL
*:22 dropbear (IPv4)
*:22 dropbear (IPv6)
[*:80] is in use by lighttpd
[*:80] is in use by lighttpd
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] optimumadsmedia.go2cloud.org is 0.0.0.0 via localhost (127.0.0.1)
[✓] optimumadsmedia.go2cloud.org is 0.0.0.0 via Pi-hole (120.0.0.101)
[✓] doubleclick.com is 172.217.23.46 via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Pi-hole processes
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active
*** [ DIAGNOSING ]: Setup variables
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=120.0.0.101/24
IPV6_ADDRESS=
PIHOLE_DNS_1=8.8.8.8
PIHOLE_DNS_2=8.8.4.4
QUERY_LOGGING=false
INSTALL_WEB_SERVER=false
INSTALL_WEB_INTERFACE=true
LIGHTTPD_ENABLED=true
BLOCKING_ENABLED=true
*** [ DIAGNOSING ]: Dashboard and block page
[✗] Block page X-Header: X-Header does not match or could not be retrieved.
HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 341
Date: Wed, 20 Nov 2019 22:19:15 GMT
Server: lighttpd/1.4.53
[✓] Web interface X-Header: X-Pi-hole: The Pi-hole Web interface is working!
*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 2715381 Nov 20 22:59 /etc/pihole/gravity.list
-----head of gravity.list------
0.0.0.0
0.nextyourcontent.com
0.r.msn.com
0.start.bz
-----tail of gravity.list------
zzz.clickbank.net
zzzezeroe.fr
zzzpooeaz-france.com
zzzrtrcm2.com
*** [ DIAGNOSING ]: contents of /etc/pihole
-rw-r--r-- 1 root root 313 Nov 20 22:57 /etc/pihole/adlists.list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://hosts-file.net/ad_servers.txt
-rw-r--r-- 1 root root 39 Nov 20 22:59 /etc/pihole/local.list
120.0.0.101 DietPi
120.0.0.101 pi.hole
-rw-r--r-- 1 root root 234 Nov 20 22:58 /etc/pihole/logrotate
/var/log/pihole.log {
su root root
daily
copytruncate
rotate 5
compress
delaycompress
notifempty
nomail
}
/var/log/pihole-FTL.log {
su root root
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}
*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d
-rw-r--r-- 1 root root 1388 Nov 20 22:58 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
localise-queries
no-resolv
cache-size=10000
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=8.8.8.8
server=8.8.4.4
interface=eth0
*** [ DIAGNOSING ]: contents of /etc/lighttpd
-rw-r--r-- 1 root root 2053 Nov 20 22:58 /etc/lighttpd/lighttpd.conf
server.modules = (
"mod_indexfile",
"mod_setenv",
"mod_access",
"mod_alias",
"mod_redirect",
)
server.document-root = "/var/www"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
server.http-parseopts = (
"header-strict" => "enable",
"host-strict" => "enable",
"host-normalize" => "enable",
"url-normalize-unreserved"=> "enable",
"url-normalize-required" => "enable",
"url-ctrls-reject" => "enable",
"url-path-2f-decode" => "enable",
"url-path-dotseg-remove" => "enable",
)
index-file.names = ( "index.php", "index.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"
server.modules += (
"mod_compress",
"mod_dirlisting",
"mod_staticfile",
)
*** [ DIAGNOSING ]: contents of /etc/cron.d
-rw-r--r-- 1 root root 1704 Nov 20 22:58 /etc/cron.d/pihole
41 3 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker local
43 19 * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
@reboot root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot
*** [ DIAGNOSING ]: contents of /var/log/lighttpd
-rw-r--r-- 1 www-data www-data 0 Nov 20 23:17 /var/log/lighttpd/error.log
*** [ DIAGNOSING ]: contents of /var/log
-rw-r--r-- 1 pihole pihole 0 Nov 20 23:17 /var/log/pihole-FTL.log
-----head of pihole-FTL.log------
-----tail of pihole-FTL.log------
*** [ DIAGNOSING ]: contents of /dev/shm
-rw------- 1 pihole pihole 323584 Nov 20 22:59 /dev/shm/FTL-clients
-rw------- 1 pihole pihole 108 Nov 20 22:59 /dev/shm/FTL-counters
-rw------- 1 pihole pihole 65536 Nov 20 22:59 /dev/shm/FTL-domains
-rw------- 1 pihole pihole 12288 Nov 20 22:59 /dev/shm/FTL-forwarded
-rw------- 1 pihole pihole 28 Nov 20 22:59 /dev/shm/FTL-lock
-rw------- 1 pihole pihole 53248 Nov 20 22:59 /dev/shm/FTL-overTime
-rw------- 1 pihole pihole 196608 Nov 20 22:59 /dev/shm/FTL-queries
-rw------- 1 pihole pihole 12 Nov 20 22:59 /dev/shm/FTL-settings
-rw------- 1 pihole pihole 4096 Nov 20 22:59 /dev/shm/FTL-strings
*** [ DIAGNOSING ]: Locale
LANG=de_DE.UTF-8
*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 0 Nov 20 23:17 /var/log/pihole.log
-----head of pihole.log------
********************************************
********************************************
[✓] ** FINISHED DEBUGGING! **
* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.
[?] Would you like to upload the log? [y/N] y
* Using curl for transmission.
/opt/pihole/piholeDebug.sh: Zeile 1151: Warnung: Kommansosubstitution: NULL byte in der Eingabe ignoriert.
***********************************
***********************************
[✓] Your debug token is: https://tricorder.pi-hole.net/brvbgo6vz8
***********************************
***********************************
My guess is, that the problem is related to PHP and CGI.