v8.0

+ DietPi-Software | Pi-hole: Fix/harden Nginx teleporter X-Frame-Origins header

.conf/dps_93/nginx.pihole.conf

@@ -2,16 +2,16 @@
 
 # Allow teleporter iframe on settings page
 location ~ ^(?:/html|)/admin/scripts/pi-hole/php/teleporter\.php$ {
+	# PHP handler block
+	fastcgi_pass php;
+	include snippets/fastcgi-php.conf;
+
+	if ($http_referer !~ /admin/settings\.php) {
+		add_header X-Frame-Options "DENY";
+	}
 	if ($http_referer ~ /admin/settings\.php) {
 		add_header X-Frame-Options "SAMEORIGIN";
 	}
-
-	# Standard PHP handler block
-	try_files $uri $uri/ =404;
-	location ~ ^(?:/html|)/admin/.+\.php(?:$|/) {
-		fastcgi_pass php;
-		include snippets/fastcgi-php.conf;
-	}
 }