Web interface does not work after update to v6 (but dns resolution still working)

nomzamo · March 12, 2025, 4:44am

I was running pihole v5 flawlessly on my raspberry p4 since a long time. some days ago i did an update to v6. after the update, pihole ist still working correctly. but i can no longer reach the web interface. i've tried several things as suggested without success (ie check if lighttpd is running, repair installation, changing ports etc.)

perhaps you could give me a hint - on basis of the debug output - what i could do or i should try, to get the interface working.

many thanks in advance & regards

Expected Behaviour:

i want to reach the dashboard via "http://10.11.12.91:6080/admin/" and "https://10.11.12.91:6443/admin/" - alternatively http(s)://pi.hole ...".

I am using a raspberry 4 with 32gb sd-card and 4gb ram. os running is raspbian bullseye 32bit version. the ip is 10.11.12.91. nginx is used as separate server for some of my web content. pihole is running together with unbound on this server, which runs behind an asus xt8 router (10.11.12.1).

Actual Behaviour:

After typing "http://pi.hole:6080/admin/login" or "https://pi.hole:6443/admin/login" the webserver responds:

Error 404: Not Found
Not found"

this also occurs when typing "curl -I -v http://127.0.0.1:6080/admin/login". if so, i get this response:

curl -I -v http://127.0.0.1:6080/admin/login
*   Trying 127.0.0.1:6080...
* Connected to 127.0.0.1 (127.0.0.1) port 6080 (#0)
> HEAD /admin/login HTTP/1.1
> Host: 127.0.0.1:6080
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
HTTP/1.1 404 Not Found
< Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
< Expires: 0
Expires: 0
< Pragma: no-cache
Pragma: no-cache
< Content-Security-Policy: default-src 'self' 'unsafe-inline';
Content-Security-Policy: default-src 'self' 'unsafe-inline';
< X-Frame-Options: DENY
X-Frame-Options: DENY
< X-XSS-Protection: 0
X-XSS-Protection: 0
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< Referrer-Policy: strict-origin-when-cross-origin
Referrer-Policy: strict-origin-when-cross-origin
< Access-Control-Allow-Headers: *
Access-Control-Allow-Headers: *
< Access-Control-Allow-Methods: *
Access-Control-Allow-Methods: *
< Content-Type: text/plain; charset=utf-8
Content-Type: text/plain; charset=utf-8
< Date: Wed, 12 Mar 2025 04:32:18 GMT
Date: Wed, 12 Mar 2025 04:32:18 GMT
< Connection: close
Connection: close

<
* Excess found: excess = 30 url = /admin/login (zero-length body)
* Closing connection 0

Debug Token:

https://tricorder.pi-hole.net/4gYWG7XT/

CTOCSE8 · March 12, 2025, 4:58am

The web interface updated significantly with v6.0 There also have been multiple updates in few days after the initial roll out. It seems to be pretty stable now. I was getting unsecure web site access and came across fix to enable HTTPS for my web admin sessions. The old links I had did not work with my new v6 install.

Pi hole v6.0 HTTPS enabled

curl -fsSL https://raw.githubusercontent.com/luizbizzio/pihole-https/main/pihole-https.sh | sudo bash

nomzamo · March 12, 2025, 5:00am

thanks for the fast reply! i'll try this immediately.

nomzamo · March 12, 2025, 5:07am

unfortunately - my problem still occurs. i've run the script you suggestet, alterede the ports in toml to 6080 and 6443 back, an restarted the service. still no web interface reachable.

CTOCSE8 · March 12, 2025, 5:07am

That command set up the HTTPS secure connection for your install. I deleted all my old shortcuts because I was only able to get non secure HTTP sessions. The previous V5 used lighthttp (sp) webserver. That is not the webserver with v6, it's much more robust.

I didn't backup my stuff and ended up having to do a clean build and set up all my old static ip's and settings to get back up at running. I lived on the edge and paid lol. My skills are very rusty so my explanation may not be the best.

nomzamo · March 12, 2025, 5:09am

i understand. thank you! possibly the last chance - if no other hint helps - will be, to get rid of my existing pihole installation and to start from scratch with a clean v6 installation. although i am trying to avoid this, becaus dns resolving still works

CTOCSE8 · March 12, 2025, 5:13am

I am on a 64b Pi4 updated to rasbian bullseye with Pi hole and it's webserver on that same system. I don't have anything else running on that Pi4 or external connections for other svcs.
The DNS resolver worked fine with new clean install. It ran flawlessly for years with pihole -up so I lived on the edge.

Bucking_Horn · March 12, 2025, 8:15am

Your Pi-hole's webserver is configured and active on ports 6080/HTTP and 6443/HTTPS.

But accessing it return a 404:

nomzamo:

curl -I -v http://127.0.0.1:6080/admin/login
*   Trying 127.0.0.1:6080...
* Connected to 127.0.0.1 (127.0.0.1) port 6080 (#0)
> HEAD /admin/login HTTP/1.1
> Host: 127.0.0.1:6080
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
HTTP/1.1 404 Not Found

What's the output of:

ls -lah /var/www/html/admin/

nomzamo · March 12, 2025, 5:20pm

it says:

adminer@rpi1:/var/www/html/admin $ ls -lah /var/www/html/admin/
insgesamt 628K
drwxr-xr-x   9 www-data www-data 4,0K 12. Mär 05:05 .
drwxr-xr-x.  3 www-data www-data 4,0K 12. Mär 06:00 ..
-rw-r--r--   1 www-data www-data   17 12. Mär 05:05 .codespellignore
-rw-r--r--   1 www-data www-data 2,3K 12. Mär 05:05 CONTRIBUTING.md
drwxr-xr-x   2 www-data www-data 4,0K 12. Mär 05:05 .devcontainer
-rw-r--r--   1 www-data www-data  571 12. Mär 05:05 .editorconfig
-rw-r--r--   1 www-data www-data 1,1K 12. Mär 05:05 error403.lp
-rw-r--r--   1 www-data www-data  969 12. Mär 05:05 error404.lp
drwxr-xr-x   8 www-data www-data 4,0K 12. Mär 05:15 .git
-rw-r--r--   1 www-data www-data   12 12. Mär 05:05 .gitattributes
drwxr-xr-x   3 www-data www-data 4,0K 12. Mär 05:05 .github
-rw-r--r--   1 www-data www-data  154 12. Mär 05:05 .gitignore
-rw-r--r--   1 www-data www-data 1,3K 12. Mär 05:05 gravity.lp
-rw-r--r--   1 www-data www-data 4,9K 12. Mär 05:05 groups-clients.lp
-rw-r--r--   1 www-data www-data 8,7K 12. Mär 05:05 groups-domains.lp
-rw-r--r--   1 www-data www-data 4,5K 12. Mär 05:05 groups-lists.lp
-rw-r--r--   1 www-data www-data 3,3K 12. Mär 05:05 groups.lp
drwxr-xr-x   3 www-data www-data 4,0K 12. Mär 05:05 img
-rw-r--r--   1 www-data www-data  11K 12. Mär 05:05 index.lp
-rw-r--r--   1 www-data www-data 1,2K 12. Mär 05:05 interfaces.lp
-rw-r--r--   1 www-data www-data  14K 12. Mär 05:05 LICENSE
-rw-r--r--   1 www-data www-data 7,5K 12. Mär 05:05 login.lp
-rw-r--r--   1 www-data www-data 1,6K 12. Mär 05:05 messages.lp
-rw-r--r--   1 www-data www-data 2,8K 12. Mär 05:05 network.lp
-rw-r--r--   1 www-data www-data 4,0K 12. Mär 05:05 package.json
-rw-r--r--   1 www-data www-data 333K 12. Mär 05:05 package-lock.json
-rw-r--r--   1 www-data www-data 9,7K 12. Mär 05:05 queries.lp
-rw-r--r--   1 www-data www-data  10K 12. Mär 05:05 README.md
drwxr-xr-x   4 www-data www-data 4,0K 11. Mär 04:07 scripts
-rw-r--r--   1 www-data www-data 2,2K 12. Mär 05:05 search.lp
-rw-r--r--   1 www-data www-data 1,5K 12. Mär 05:05 settings-all.lp
-rw-r--r--   1 www-data www-data  15K 12. Mär 05:05 settings-api.lp
-rw-r--r--   1 www-data www-data  21K 12. Mär 05:05 settings-dhcp.lp
-rw-r--r--   1 www-data www-data  18K 12. Mär 05:05 settings-dns.lp
-rw-r--r--   1 www-data www-data 7,0K 12. Mär 05:05 settings-dnsrecords.lp
-rw-r--r--   1 www-data www-data 7,1K 12. Mär 05:05 settings-privacy.lp
-rw-r--r--   1 www-data www-data  19K 12. Mär 05:05 settings-system.lp
-rw-r--r--   1 www-data www-data 6,5K 12. Mär 05:05 settings-teleporter.lp
drwxr-xr-x   3 www-data www-data 4,0K 12. Mär 05:05 style
-rw-r--r--   1 www-data www-data 1,5K 12. Mär 05:05 taillog.lp
drwxr-xr-x  29 www-data www-data 4,0K 12. Mär 05:05 vendor

jfb · March 12, 2025, 7:04pm

You have nginx running on ports 80 and 443. That is preventing FTL (the webserver in Pi-hole V6) from binding to those ports.

[✗] tcp:0.0.0.0:443 is in use by nginx (https://docs.pi-hole.net/main/prerequisites/#ports)
[✗] tcp:0.0.0.0:80 is in use by nginx (https://docs.pi-hole.net/main/prerequisites/#ports)
[✗] tcp:[::]:80 is in use by nginx (https://docs.pi-hole.net/main/prerequisites/#ports)

You have configured your Pi-hole so that FTL runs on alternate ports:

  [webserver]
     domain = "pi.hole"
     acl = ""
     port = "6080o,6443so" ### CHANGED, default = "80o,443os,[::]:80o,[::]:443os"
     threads = 50

[✓] tcp:0.0.0.0:6443 is in use by pihole-FTL
[✓] tcp:0.0.0.0:6080 is in use by pihole-FTL

Is the problem that you cannot access the web admin GUI at your Pi-hole IP with either of these ports, or that you can't access the web admin GUI using the domain pi.hole?

nomzamo · March 13, 2025, 3:04am

it want to access the gui via ip address and port (6080/6443). and this does not work.

jfb · March 13, 2025, 3:07am

From the Pi terminal what is the output of the following command:

curl -I -v http://10.11.12.91:6080/admin/

nomzamo · March 13, 2025, 3:13am

 curl -I -v http://10.11.12.91:6080/admin/
*   Trying 10.11.12.91:6080...
* Connected to 10.11.12.91 (10.11.12.91) port 6080 (#0)
> HEAD /admin/ HTTP/1.1
> Host: 10.11.12.91:6080
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
HTTP/1.1 404 Not Found
< Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
< Expires: 0
Expires: 0
< Pragma: no-cache
Pragma: no-cache
< Content-Security-Policy: default-src 'self' 'unsafe-inline';
Content-Security-Policy: default-src 'self' 'unsafe-inline';
< X-Frame-Options: DENY
X-Frame-Options: DENY
< X-XSS-Protection: 0
X-XSS-Protection: 0
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< Referrer-Policy: strict-origin-when-cross-origin
Referrer-Policy: strict-origin-when-cross-origin
< Access-Control-Allow-Headers: *
Access-Control-Allow-Headers: *
< Access-Control-Allow-Methods: *
Access-Control-Allow-Methods: *
< Content-Type: text/plain; charset=utf-8
Content-Type: text/plain; charset=utf-8
< Date: Thu, 13 Mar 2025 03:12:31 GMT
Date: Thu, 13 Mar 2025 03:12:31 GMT
< Connection: close
Connection: close

<
* Closing connection 0

nomzamo · March 13, 2025, 3:16am

besides, i've also tried to get things running after stopping nginx. unfortunately this doesn't change anything.

regards

Bucking_Horn · March 13, 2025, 7:59am

Your permissions are wrong, they are all www-data, which isn't used by Pi-hole v6's webserver.

Did you apply those permissions in an attempt to keep nginx happy?

nomzamo · March 14, 2025, 2:42am

Hi. Upon trying to solve the problem i*ve read suggestions to check these permissions and to alter it to www-data:www-data.

Before doing this, after "sudo pihole -r" the permissions were root:root.

In neither of these variants i could reach the admin interface.

nomzamo · March 14, 2025, 3:27am

I gave "sudo pihole -r" another try. Unfortunately the situation didn't change. i still can't reach the web interface - although the permissions now are "original" i think.

ls -lah /var/www/html/admin/
insgesamt 628K
drwxr-xr-x   9 www-data www-data 4,0K 14. Mär 04:05 .
drwxr-xr-x.  3 www-data www-data 4,0K 12. Mär 06:00 ..
-rw-r--r--   1 root     root       17 14. Mär 04:05 .codespellignore
-rw-r--r--   1 root     root     2,3K 14. Mär 04:05 CONTRIBUTING.md
drwxr-xr-x   2 www-data www-data 4,0K 14. Mär 04:05 .devcontainer
-rw-r--r--   1 root     root      571 14. Mär 04:05 .editorconfig
-rw-r--r--   1 root     root     1,1K 14. Mär 04:05 error403.lp
-rw-r--r--   1 root     root      969 14. Mär 04:05 error404.lp
drwxr-xr-x   8 www-data www-data 4,0K 14. Mär 04:05 .git
-rw-r--r--   1 root     root       12 14. Mär 04:05 .gitattributes
drwxr-xr-x   3 www-data www-data 4,0K 14. Mär 04:05 .github
-rw-r--r--   1 root     root      154 14. Mär 04:05 .gitignore
-rw-r--r--   1 root     root     1,3K 14. Mär 04:05 gravity.lp
-rw-r--r--   1 root     root     4,9K 14. Mär 04:05 groups-clients.lp
-rw-r--r--   1 root     root     8,7K 14. Mär 04:05 groups-domains.lp
-rw-r--r--   1 root     root     4,5K 14. Mär 04:05 groups-lists.lp
-rw-r--r--   1 root     root     3,3K 14. Mär 04:05 groups.lp
drwxr-xr-x   3 www-data www-data 4,0K 14. Mär 04:05 img
-rw-r--r--   1 root     root      11K 14. Mär 04:05 index.lp
-rw-r--r--   1 root     root     1,2K 14. Mär 04:05 interfaces.lp
-rw-r--r--   1 root     root      14K 14. Mär 04:05 LICENSE
-rw-r--r--   1 root     root     7,5K 14. Mär 04:05 login.lp
-rw-r--r--   1 root     root     1,6K 14. Mär 04:05 messages.lp
-rw-r--r--   1 root     root     2,8K 14. Mär 04:05 network.lp
-rw-r--r--   1 root     root     4,0K 14. Mär 04:05 package.json
-rw-r--r--   1 root     root     333K 14. Mär 04:05 package-lock.json
-rw-r--r--   1 root     root     9,7K 14. Mär 04:05 queries.lp
-rw-r--r--   1 root     root      10K 14. Mär 04:05 README.md
drwxr-xr-x   4 www-data www-data 4,0K 11. Mär 04:07 scripts
-rw-r--r--   1 root     root     2,2K 14. Mär 04:05 search.lp
-rw-r--r--   1 root     root     1,5K 14. Mär 04:05 settings-all.lp
-rw-r--r--   1 root     root      15K 14. Mär 04:05 settings-api.lp
-rw-r--r--   1 root     root      21K 14. Mär 04:05 settings-dhcp.lp
-rw-r--r--   1 root     root      18K 14. Mär 04:05 settings-dns.lp
-rw-r--r--   1 root     root     7,0K 14. Mär 04:05 settings-dnsrecords.lp
-rw-r--r--   1 root     root     7,1K 14. Mär 04:05 settings-privacy.lp
-rw-r--r--   1 root     root      19K 14. Mär 04:05 settings-system.lp
-rw-r--r--   1 root     root     6,5K 14. Mär 04:05 settings-teleporter.lp
drwxr-xr-x   3 www-data www-data 4,0K 14. Mär 04:05 style
-rw-r--r--   1 root     root     1,5K 14. Mär 04:05 taillog.lp
drwxr-xr-x  29 www-data www-data 4,0K 14. Mär 04:05 vendor