# Pi-hole: A black hole for Internet advertisements

# (c) 2017 Pi-hole, LLC (https://pi-hole.net)

# Network-wide ad blocking via your own hardware.

#

# Lighttpd config for Pi-hole

#

# This file is copyright under the latest version of the EUPL.

# Please see LICENSE file for your rights under this license.

​

###############################################################################

#     FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE.     #

# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #

#                                                                             #

#              CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE:              #

#                         /etc/lighttpd/external.conf                         #

###############################################################################

​

server.modules = (

    "mod_access",

    "mod_accesslog",

    "mod_expire",

    "mod_compress",

    "mod_redirect",

    "mod_setenv",

    "mod_rewrite",

    "mod_fastcgi"

)

​

mimetype.assign     = (

                ".html" => "text/html",

                ".txt" => "text/plain",

                ".css" => "text/css",

                ".js" => "application/x-javascript",

                ".jpg" => "image/jpeg",

                ".jpeg" => "image/jpeg",

                ".gif" => "image/gif",

                ".png" => "image/png",

                ".svg" => "image/svg+xml",  # thanks to nikke

                "" => "application/octet-stream"

            )

​

fastcgi.server = ( 

    ".php" => (

        "localhost" => ( 

            "bin-path" => "/usr/bin/php-cgi -d session.save_path=/run/pihole",

            "socket" => "/tmp/php-fastcgi.sock",

            "broken-scriptfilename" => "enable",

            "max-procs" => 4, 

            "bin-environment" => (

                "PHP_FCGI_CHILDREN" => "1" # default value

            )

        )

    )   

)

​

server.document-root        = "/srv/http/pihole"

server.error-handler-404    = "/pihole/index.php"

server.username             = "http"

server.groupname            = "http"

server.port                 = 80

​

index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )

url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )

static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

​

compress.cache-dir          = "/var/cache/lighttpd/compress/"

compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

​

# If the URL starts with /admin, it is the Web interface

$HTTP["url"] =~ "^/admin/" {

    # Create a response header for debugging using curl -I

    setenv.add-response-header = (

        "X-Pi-hole" => "The Pi-hole Web interface is working!",

        "X-Frame-Options" => "DENY"

    )

​

    $HTTP["url"] =~ ".ttf$" {

        # Allow Block Page access to local fonts

        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )

    }

}

​

# Block . files from being served, such as .git, .github, .gitignore

$HTTP["url"] =~ "^/admin/\.(.*)" {

     url.access-deny = ("")

}

​

# Add user chosen options held in external file

#include_shell "cat external.conf 2>/dev/null"

​