403 Forbidden

Please follow the below template, it will help us to help you!

If you are Experiencing issues with a Pi-hole install that has non-standard elements (e.g you are using nginx, apache2 or another reverse proxy, or there is some other aspect of your install that is customised) - please use the Community Help category.

Expected Behaviour:

I have successfully installed pihole on my server running Ubuntu, it has more than enough hardware for the requirements. It is not running through docker, but I have no access to the web ui I keep getting a 403 forbidden error.

Actual Behaviour:

I am reaching a 403 forbidden error when trying to access the web ui at /admin, or any of the other urls like pi.hole/admin:80

Debug Token:

https://tricorder.pi-hole.net/8GgldWHe/

You have configured Pi-hole's webserver to listen on ports 80 and 443:

   [webserver]
     (…)
     port = "80o,443os,[::]:80o,[::]:443os"

However, you are already running a separate webserver (lighttpd) on port 80:

*** [ DIAGNOSING ]: Ports in use
    udp:0.0.0.0:39520 is in use by avahi-daemon
    udp:172.20.0.1:39555 is in use by Plex
    udp:0.0.0.0:41641 is in use by tailscaled
    (…)
[✓] udp:0.0.0.0:53 is in use by pihole-FTL
    udp:0.0.0.0:123 is in use by pihole-FTL
    udp:0.0.0.0:5353 is in use by avahi-daemon
    udp:192.168.0.104:55142 is in use by Plex
    (…)
    udp:[::]:57398 is in use by avahi-daemon
    udp:[::]:41641 is in use by tailscaled
[✓] udp:[::]:53 is in use by pihole-FTL
    udp:[::]:123 is in use by pihole-FTL
    udp:[::]:5353 is in use by avahi-daemon
    tcp:127.0.0.1:45333 is in use by containerd
    tcp:0.0.0.0:8191 is in use by docker-proxy
    (…)
[✓] tcp:0.0.0.0:443 is in use by pihole-FTL
    tcp:0.0.0.0:22 is in use by systemd
[✓] tcp:0.0.0.0:53 is in use by pihole-FTL
[✗] tcp:0.0.0.0:80 is in use by lighttpd (https://docs.pi-hole.net/main/prerequisites/#ports)
    tcp:127.0.0.1:40151 is in use by Plex
    tcp:127.0.0.1:631 is in use by cupsd
    tcp:100.95.94.80:37297 is in use by tailscaled
    tcp:[::]:8191 is in use by docker-proxy
    tcp:*:7878 is in use by Radarr
    tcp:[::1]:3350 is in use by xrdp-sesman
[✓] tcp:[::]:443 is in use by pihole-FTL
    tcp:[::]:22 is in use by systemd
[✓] tcp:[::]:53 is in use by pihole-FTL
[✗] tcp:[::]:80 is in use by lighttpd (https://docs.pi-hole.net/main/prerequisites/#ports)
    tcp:*:3389 is in use by xrdp
    tcp:*:3390 is in use by gnome-remote-de
    tcp:[fd7a:115c:a1e0::d701:5e54]:54802 is in use by tailscaled
    tcp:[::1]:631 is in use by cupsd
    tcp:*:32400 is in use by Plex
    tcp:*:9696 is in use by Prowlarr
    tcp:*:8989 is in use by Sonarr

To avoid that conflict over port 80, you'd have to configure either lighttpd or Pi-hole to use another port for HTTP access.

E.g. if ports 8088 and 8443 would be free, you could try to reconfigure Pi-hole via CLI:

sudo pihole-FTL --config webserver.port '8088o,8443os,[::]:8088o,[::]:8443os

That would allow you to access Pi-hole via http://pi.hole/admin:8088 or https://pi.hole/admin:8443.

I added lighttpd due to suggestions when I was looking into troubleshooting, that got me from 404 not found to 403 forbidden. I did your recommended port switch still, and will check when I get back on the same network as my server. I am currently having trouble reaching it remotely so I am not sure if that worked yet.

Pi-hole v6 doesn't need lighttpd.

If you are not using lighttpd for other web services, you can safely disabled or uninstall it and keep Pi-hole using the default ports (80 and 443).

You can uninstall it running sudo apt remove lighttpd.

Note:

If you decide to uninstall lighttpd, you will need to restart Pi-hole after that, running sudo systemctl restart pihole-FTL.service.

Thank you! I removed it and it now works not sure why it didn't originally but I am in

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.