403 Forbidden nginx Ubuntu error

Help Community Help
1

Expected Behaviour:

I am running an Ubuntu 24.04 LTS Linode server with 1 GB of RAM and 1 CPU core, and I have run Pi-Hole successfully before. However, I recently rebuilt my server due to some other issues I was having, so I am trying to install Pi-Hole again, but this time I’m using the installation script instead of Docker. After the installation script finished and gave me a link to my web interface, I thought it would go to the log-in screen of the page. I am running nginx as my web server and a domain of notsparkable.org, with a subdomain of pihole.notsparkable.org in Namecheap.

Actual Behaviour:

I am instead getting a 403 Forbidden nginx/1.24.0 (Ubuntu) error when I try to go to http://[linode_ip]:80/admin.

Debug Token:

https://tricorder.pi-hole.net/Vk2DLmip/

2

You log shows Pi-hole is configured to use ports 80 and 443 (the default ports):

   [webserver]
     port = "80o,443os,[::]:80o,[::]:443os"

But nginx is using these ports:

[✗] tcp:0.0.0.0:80 is in use by nginx (https://docs.pi-hole.net/main/prerequisites/#ports)
[✗] tcp:0.0.0.0:443 is in use by nginx (https://docs.pi-hole.net/main/prerequisites/#ports)

[✗] tcp:[::]:80 is in use by nginx (https://docs.pi-hole.net/main/prerequisites/#ports)
[✗] tcp:[::]:443 is in use by nginx (https://docs.pi-hole.net/main/prerequisites/#ports)

One of the web servers need to use different ports.

You can change nginx settings to use different ports or you change Pi-hole settings to use different ports.

If you decide to change Pi-hole ports, use this command:

sudo pihole-FTL --config webserver.port '8080o,8443os'

Then you can access Pi-hole using one of these URLs:

3

I changed the Pi-hole ports to what you suggested, but accessing both the links you provided doesn’t access the web interface; it only loads infinitely.

4

Maybe I used the wrong IP.

Try using the correct IP for your machine.

5

You used the correct IP.

6

Then you need to check if there are any messages on the browser console (devtools).

You can check if there are firewall rules blocking these ports.

7

NOTE:

The last lines of your logs show Pi-hole was terminated:

Nov  5 17:00:02 dnsmasq[65972]: exiting on receipt of SIGTERM

And:

 2025-11-05 17:00:03.772 UTC [65972M] INFO: Thread webserver (7) is idle, terminating it.
 2025-11-05 17:00:03.772 UTC [65972M] INFO: All threads joined
 2025-11-05 17:00:03.772 UTC [65972M] INFO: PID file emptied

Please restart Pi-hole and try again.

8

image
image844×156 17.9 KB
This is what I see when I go to both URLs.

9

Please generate a new debug log, with the current settings.

10

https://tricorder.pi-hole.net/aqEure6q/

11

Pi-hole web server is using ports 8080 (for http) and 8443 (for https).

Both links above should work, but your browser is forcing the use of https because it is configured to use HTTPS-Only connections.

Your image shows the issue.
When you try http with port 8080, the browser is "upgrading" to https, but it is using the wrong port.

https connections are not allowed on port 8080. You need to use the correct port.

Try https://172.232.15.232:8443/admin (pay attention to the port used after the colon).

12

I see. I tried going to https://172.232.15.232:8443/admin, but it still hangs and doesn’t load. And the same error as before is showing again.

image

14

Ohhh... wait.

This IP is in a public IP range. This is not a local IP.

Why are you using this IP?

15

The IP is from my VPS, but I think now I shouldn’t be doing that, I’m assuming?

16

You should never expose Pi-hole DNS on the Internet.

17

Okay, I just uninstalled it. I guess I’ll be installing it locally, then.

18

If you want to access Pi-hole from the outside, I suggest you to use a VPN to connect.

19

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.