[Suggestion] Always use HTTPS

tomwilson · November 18, 2023, 1:28pm

It would be nice to see a setting in web to always enable HTTPS.

This way if you have set up an SSL, it would always redirect to HTTPS

Blockhead · November 18, 2023, 1:53pm

I believe you can edit the pihole.toml settings, under all settings in the web interface, to set port to "80r,[::]:80r,443s,[::]:443s” for example. (Or directly edit pihole.toml to port = "80r,[::]:80r,443s,[::]:443s”)

The r stands for redirect.

tomwilson · November 18, 2023, 10:36pm

I've done that, but it redirects to the IP of my server, not the domain, despite it being set in webserver.domain?

Blockhead · November 19, 2023, 12:30am

What does curl -vL <your fqdn> show?

DL6ER · November 19, 2023, 8:37am

Please try FTL from custom branch tweak/auth_domain using

pihole checkout ftl tweak/auth_domain

The name is a bit misleading, but it seems they have already recognized this themselves:

github.com/pi-hole/FTL

src/webserver/civetweb/civetweb.c

17716ef51


      
          	/* Authentication domain is mandatory */
          	/* TODO: Maybe use a new option hostname? */
          	if (!new_dom->config[AUTHENTICATION_DOMAIN]) {

edit Connected PR

https://github.com/pi-hole/FTL/pull/1764

tomwilson · November 22, 2023, 9:28pm

This works now! Thanks. Would be good to have this as a setting though that’s easily able to turn off/on.

DL6ER · November 22, 2023, 9:33pm

Since you have full control about the ports string, I am not sure right now how we'd add such a setting without adding a possible conflict between these two settings... Any ideas are welcomed and will be discussed!