Lighttpd 403 admin page

Help
1

I am now having this issue as well (accept this is not my first install), and have ran the pihole -d command to find there is an issue with the X-header response from the httpd server:

*** [ DIAGNOSING ]: Pi-hole processes
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
    BLOCKING_ENABLED=true
    PIHOLE_INTERFACE=wlp3s0
    IPV4_ADDRESS=192.168.0.3/24
    IPV6_ADDRESS=2601:c6:c880:608::b5
    PIHOLE_DNS_1=1.1.1.1
    PIHOLE_DNS_2=1.0.0.1
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=true
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=true

*** [ DIAGNOSING ]: Dashboard and block page
[✗] Block page X-Header: X-Header does not match or could not be retrieved.
HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Tue, 02 Jul 2019 16:08:19 GMT
Server: lighttpd/1.4.45

[✗] Web interface X-Header: X-Header does not match or could not be retrieved.
HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Tue, 02 Jul 2019 16:08:19 GMT
Server: lighttpd/1.4.45
2

Please provide the debug token

3

Will do. Also, I found this looking through the error log that the -d flag generated. Doesn't look good:

$ sudo cat /var/log/lighttpd/error.log

2019-06-30 00:06:39: (server.c.1534) logfiles cycled UID = 0 PID = 26650
2019-07-01 00:01:15: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted (tried to allocate 20480 bytes) in /var/www/html/admin/api_FTL.php on line 303
2019-07-01 00:01:22: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted (tried to allocate 20480 bytes) in /var/www/html/admin/api_FTL.php on line 303
2019-07-01 09:10:03: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted (tried to allocate 20480 bytes) in /var/www/html/admin/api_FTL.php on line 303
2019-07-01 19:11:05: (server.c.1828) server stopped by UID = 0 PID = 1
2019-07-01 19:12:24: (log.c.217) server started
2019-07-02 11:00:00: (server.c.1828) server stopped by UID = 0 PID = 1
2019-07-02 11:06:19: (log.c.217) server started
2019-07-02 11:26:21: (server.c.1828) server stopped by UID = 0 PID = 1
2019-07-02 11:26:21: (log.c.217) server started
2019-07-02 11:33:19: (server.c.1828) server stopped by UID = 0 PID = 1
2019-07-02 11:34:37: (log.c.217) server started
2019-07-02 11:38:16: (server.c.1828) server stopped by UID = 0 PID = 1
2019-07-02 11:38:17: (log.c.217) server started
2019-07-02 11:45:17: (server.c.1828) server stopped by UID = 0 PID = 1
2019-07-02 11:57:55: (log.c.217) server started
2019-07-02 12:06:11: (server.c.1828) server stopped by UID = 0 PID = 1
2019-07-02 12:06:12: (log.c.217) server started
~$

Here's my token: https://tricorder.pi-hole.net/1r03472vh8

4

We don't support Linux Mint as a distribution but you may be able to find out why you are getting a 403 by checking the lighttpd error logs. I'm not sure where they may be stored on your distribution, but most likely they are in /var/log/lighttpd/error.log.

My suggestion is to use docker if you would like to stay on Mint.

5

Ok I'll look into that. Thanks!

6

One possible fix would be to purge and reinstall lighttpd:

sudo apt purge lighttpd
pihole -r # Choose repair

However, I am unable to tell from your debug log if this will fix your issue.

7

I would recommend to purge using dpkg first:

sudo dpkg -P lighttpd

sudo apt install --reinstall lighttpd

Using apt to purge the package will most likely pull down packages that depend on lighttpd as well making a mess.
dpkg will only purge/remove the files contained in the package and run the post removal script for the package.
Could always as a last resort use apt to purge the package.

pi@noads:~ $ man dpkg
[..]
       -P, --purge package...|-a|--pending
              Purge  an  installed  or  already  removed package. This
              removes  everything,  including  conffiles.   If  -a  or
              --pending  is  given instead of a package name, then all
              packages unpacked or removed, but marked to be purged in
              file /var/lib/dpkg/status, are purged.

              Note:  some configuration files might be unknown to dpkg
              because they are created and handled separately  through
              the  configuration  scripts.  In  that  case, dpkg won't
              remove them by itself, but the package's  postrm  script
              (which  is  called  by  dpkg), has to take care of their
              removal during purge. Of course, this  only  applies  to
              files  in  system  directories,  not configuration files
              written to individual users' home directories.

              Purging of a package consists of the following steps:

              1. Remove the  package,  if  not  already  removed.  See
              --remove  for  detailed  information  about  how this is
              done.

              2. Run postrm script.

pi@noads:~ $ dpkg -L lighttpd
/.
/etc
/etc/cron.daily
/etc/cron.daily/lighttpd
/etc/init.d
/etc/init.d/lighttpd
/etc/lighttpd
/etc/lighttpd/conf-available
/etc/lighttpd/conf-available/05-auth.conf
/etc/lighttpd/conf-available/10-accesslog.conf
/etc/lighttpd/conf-available/10-cgi.conf
/etc/lighttpd/conf-available/10-dir-listing.conf
/etc/lighttpd/conf-available/10-evasive.conf
/etc/lighttpd/conf-available/10-evhost.conf
/etc/lighttpd/conf-available/10-expire.conf
/etc/lighttpd/conf-available/10-fastcgi.conf
/etc/lighttpd/conf-available/10-flv-streaming.conf
/etc/lighttpd/conf-available/10-no-www.conf
/etc/lighttpd/conf-available/10-proxy.conf
/etc/lighttpd/conf-available/10-rewrite.conf
/etc/lighttpd/conf-available/10-rrdtool.conf
/etc/lighttpd/conf-available/10-simple-vhost.conf
/etc/lighttpd/conf-available/10-ssi.conf
/etc/lighttpd/conf-available/10-ssl.conf
/etc/lighttpd/conf-available/10-status.conf
/etc/lighttpd/conf-available/10-userdir.conf
/etc/lighttpd/conf-available/10-usertrack.conf
/etc/lighttpd/conf-available/11-extforward.conf
/etc/lighttpd/conf-available/15-fastcgi-php.conf
/etc/lighttpd/conf-available/90-debian-doc.conf
/etc/lighttpd/conf-available/README
/etc/lighttpd/conf-enabled
/etc/lighttpd/lighttpd.conf
/etc/logrotate.d
/etc/logrotate.d/lighttpd
/lib
/lib/systemd
/lib/systemd/system
/lib/systemd/system/lighttpd.service
/usr
/usr/lib
/usr/lib/lighttpd
/usr/lib/lighttpd/mod_access.so
/usr/lib/lighttpd/mod_accesslog.so
/usr/lib/lighttpd/mod_alias.so
/usr/lib/lighttpd/mod_auth.so
/usr/lib/lighttpd/mod_authn_file.so
/usr/lib/lighttpd/mod_cgi.so
/usr/lib/lighttpd/mod_compress.so
/usr/lib/lighttpd/mod_deflate.so
/usr/lib/lighttpd/mod_dirlisting.so
/usr/lib/lighttpd/mod_evasive.so
/usr/lib/lighttpd/mod_evhost.so
/usr/lib/lighttpd/mod_expire.so
/usr/lib/lighttpd/mod_extforward.so
/usr/lib/lighttpd/mod_fastcgi.so
/usr/lib/lighttpd/mod_flv_streaming.so
/usr/lib/lighttpd/mod_indexfile.so
/usr/lib/lighttpd/mod_proxy.so
/usr/lib/lighttpd/mod_redirect.so
/usr/lib/lighttpd/mod_rewrite.so
/usr/lib/lighttpd/mod_rrdtool.so
/usr/lib/lighttpd/mod_scgi.so
/usr/lib/lighttpd/mod_secdownload.so
/usr/lib/lighttpd/mod_setenv.so
/usr/lib/lighttpd/mod_simple_vhost.so
/usr/lib/lighttpd/mod_ssi.so
/usr/lib/lighttpd/mod_staticfile.so
/usr/lib/lighttpd/mod_status.so
/usr/lib/lighttpd/mod_uploadprogress.so
/usr/lib/lighttpd/mod_userdir.so
/usr/lib/lighttpd/mod_usertrack.so
/usr/lib/tmpfiles.d
/usr/lib/tmpfiles.d/lighttpd.tmpfile.conf
/usr/sbin
/usr/sbin/lighttpd
/usr/sbin/lighttpd-angel
/usr/sbin/lighty-enable-mod
/usr/share
/usr/share/doc
/usr/share/doc/lighttpd
/usr/share/doc/lighttpd/NEWS.Debian.gz
/usr/share/doc/lighttpd/README
/usr/share/doc/lighttpd/changelog.Debian.gz
/usr/share/doc/lighttpd/changelog.gz
/usr/share/doc/lighttpd/copyright
/usr/share/lighttpd
/usr/share/lighttpd/create-mime.assign.pl
/usr/share/lighttpd/include-conf-enabled.pl
/usr/share/lighttpd/index.html
/usr/share/lighttpd/use-ipv6.pl
/usr/share/lintian
/usr/share/lintian/overrides
/usr/share/lintian/overrides/lighttpd
/usr/share/man
/usr/share/man/man1
/usr/share/man/man1/lighty-enable-mod.1.gz
/usr/share/man/man8
/usr/share/man/man8/lighttpd-angel.8.gz
/usr/share/man/man8/lighttpd.8.gz
/var
/var/cache
/var/cache/lighttpd
/var/cache/lighttpd/compress
/var/cache/lighttpd/uploads
/var/log
/var/log/lighttpd
/var/www
/var/www/cgi-bin
/var/www/html
/usr/sbin/lighttpd-disable-mod
/usr/sbin/lighttpd-enable-mod
/usr/sbin/lighty-disable-mod
/usr/share/man/man1/lighttpd-disable-mod.1.gz
/usr/share/man/man1/lighttpd-enable-mod.1.gz
/usr/share/man/man1/lighty-disable-mod.1.gz
8

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.