Landing page shows default lighthttpd page

[VennGrayDog]

Versions

Pi-hole version is v5.15.5 (Latest: v5.15.5)
AdminLTE version is v5.18.4 (Latest: v5.18.4)
FTL version is v5.21 (Latest: v5.21)
Container tag is: 2023.02.1

Platform

• OS and version: Ubuntu 22.04

• Platform: Docker

Expected behavior

Landing page of PiHole shows a page that asks if I want to go to admin page.
http://[IPaddress:port] should show me an error page according to https://pi-hole.net/blog/2023/01/15/pi-hole-ftl-v5-20-1-web-v5-18-1-and-core-v5-15-released/ (thanks rdwebdesign)

Actual behavior / bug

Landing page is default Lighttpd page

Steps to reproduce

Steps to reproduce the behavior:

1. Go to http://IP:port
2. See wrong landing page

[✓] Your debug token is: https://tricorder.pi-hole.net/wim5hft4rq

Screenshots

[rdwebdesign]

This is expected.

https://pi-hole.net/blog/2023/01/15/pi-hole-ftl-v5-20-1-web-v5-18-1-and-core-v5-15-released/

Lighttpd Config

Automatic redirection to /admin will only happen if you browse via http://pi.hole. If you wish to browse via http://[IP Address], then you will need to ensure that you add /admin manually. In the past, a splash screen has been shown with a link to /admin, however this is now removed along with the now-defunct blockpage.

[VennGrayDog]

'''
This means that if you browse to your Pi-hole device using just the IP address, you will receive a 403 or 404 error, as there is nothing there to intercept your request.
'''

This is not what I see. I see default lighthttpd page.

[rdwebdesign]

Go to http://IP:port

This is wrong.
The text says: "Automatic redirection to /admin will only happen if you browse via http://pi.hole/", but you are using the IP.

You need to add /admin:
"If you wish to browse via http://[IP Address], then you will need to ensure that you add /admin manually"

[VennGrayDog]

According you the link that you provided above when I go to http://[IP address] I should receive and error:

This means that if you browse to your Pi-hole device using just the IP address, you will receive a 403 or 404 error, as there is nothing there to intercept your request.

This is not what I see.
My initial misunderstanding was that PiHole should be showing landing page.
But now it looks like PiHole should we showing error page and instead I am getting default lighttpd page - which is also wrong.

[rdwebdesign]

The text was written for bare metal installs in mind. Inside a docker container the behavior I posted is the correct one.

But now it looks like PiHole should we showing error page and instead I am getting default lighttpd page - which is also wrong.

No.
There is no error page, only an error message and your browser will show the error for you.
(the text says: "you will receive a 403 or 404 error", but again: this is on bare metal installs)

Inside the container, there is a config to avoid the error. That's why you see this page even using an IP.

You can also set the FTLCONF_LOCAL_IPV4=<your_pihole_IP>. This will avoid the page and you don't need to type /admin.

[VennGrayDog]

I am confused.
For docker installation with server IP 192.168.0.50 and exposed port of PiHole 8280 - what should I get when I enter http://192.168.0.50:8280 in my browser window?
My understanding is that I should get 403/404 error. I am not expecting to see some custom error page from PiHole. I am expecting to get general error page of my browser.

[rdwebdesign]

You are not reading:

Add /admin.

Use http://192.168.0.50:8280/admin

[VennGrayDog]

I am reading :-) I understand how to reach admin page. I understand that I need to add /admin.
My issue is not with admin page, but with http://[ip:port] page.
This is page that is serviced by the same lighttpd server as admin page.
According to release notes linked above this page should from now on return 404 error code to the browser.
Instead lighttpd returns "default" page.
This is the issue that needs to be fixed.

[dschaper]

Then remove the index.html file from /var/www/html. We don't include that file so we don't expect it to be there.

The changes made and referenced in the release notes are for you to be able to set up what ever services you'd like to see or use at http://IP instead of being forced to see Pi-hole there. So now you can, just happens that your setup put the default lighttpd page there.

No issue here really.

[VennGrayDog]

I am using official Pi-Hole docker container. And I --force-recreated it before posting this question. Any index.html that is present comes from official pi-hole docker image.

[dschaper]

Okay, what I see from the official Pi-hole docker image:

/etc/lighttpd/lighttpd.conf shows

index-file.names = ( "index.php", "index.html" )

You should be able to confirm the same on yours. Then taking a look at the contents of the /var/www/html directory:

root@6688743fd3b1:/etc/lighttpd/conf-enabled# cd /var/www/html
root@6688743fd3b1:/var/www/html# ls
admin  index.lighttpd.html

There isn't an index.html file there. Since you are using Docker can you please provide the docker-compose or the docker run command you are using? Also the debug token URL you provided does not exist, can you run the debug again and provide a new token?

[VennGrayDog]

root@ea4933c6eaac:/# cat /etc/lighttpd/lighttpd.conf |grep index-file
index-file.names            = ( "index.php", "index.html" )

root@ea4933c6eaac:/# ls -la /var/www/html
total 16
drwxrwxr-x 1 www-data www-data 4096 Feb 12 11:09 .
drwxr-xr-x 1 root     root     4096 Feb 11 21:04 ..
drwxr-xr-x 7 root     root     4096 Feb 12 11:09 admin
-rw-r--r-- 1 root     root     3388 Feb 11 21:05 index.lighttpd.html

pihole:
        image: pihole/pihole:latest
        container_name: pihole
        ports:
            - "53:53/tcp"
            - "53:53/udp"
            - "8280:80/tcp"
        environment:
            - TZ=America/Toronto
        volumes:
            - './etc:/etc/pihole'
            - './dnsmasq.d:/etc/dnsmasq.d'    
        restart: unless-stopped

[VennGrayDog]

after

root@ea4933c6eaac:/var/www/html# mv index.lighttpd.html index.lighttpd.html.old

Now I get correct behavior:

[dschaper]

Okay, can you explain why you see that as 'correct' behavior? Is that because you want a 403 or because the documentation says 403?

What is it that you want to happen?

[VennGrayDog]

[dschaper]

Oh, okay. So having the page displayed instead of a 403 didn't cause any issues, you are just reporting that the release notes don't match up to what you see?

In that case, thank you for the notification.

[VennGrayDog]

And in my opinion displaying default Lighttpd is wrong.
The base url for Pi-Hole "service" is `http://[ip:port]'.
Any api call on the base url should either return valid result or an error. I don't consider "default page of lighttpd" as valid result.
Returning some random web page for the base url of api is dangerous.
What if lighttpd changes their default page in the future in the way that will allow unlimited access to server?

[dschaper]

Then all the default installs of lighttpd across all the world will suddenly be exposed. But that can't actually happen.

The default page of lighttpd has been the standard everywhere for just about as long as lighttpd has been around. Apache does the same.

API's aren't involved anywhere, there's nothing listening for API calls. Rest assured that all is well with the world (at least Pi-hole) with the current setup. Thanks for the comments and the notification about your concerns.

[VennGrayDog]

I know no other software that leaves default http page in the final release.
The page literary says - you should replace me as soon as possible.
I will then let you folks to decide what is the best scenario here.
Thank you for you time and thank you for the great product.

[PromoFaux]

Thanks for the reminder, I kept meaning to delete it when I first saw it - life gets in the way sometimes (and it was doing no real harm).

Tagged a new image of 2023.02.2 which removes this file by default.

Worth noting that if you are using the docker image - you should also watch the releases on this repo, as sometimes there are configurations in this image that slightly differ from the bare metal installation.

For example in 2023.01 I added in a config that will auto redirect http://${FTLCONF_LOCAL_IPV4} or http://${VIRTUAL_HOST} to /admin. We can do that in this image because it is very unlikely that someone is hosting another webpage in the /var/www/html directory of this container.

On bare metal we have to be careful not to overwrite people's configs

[VennGrayDog]

Thank you.