A while ago I was looking to set up a Pi-hole DNS.
Since I don’t own a Raspberry Pi anymore, I figured I would set it up on my homeserver, which is also serving this site.

Just looking at the Pi-hole website this shouldn’t be a problem. However, nothing is as easy as it seems, and of course I ran into a snag setting this up.

Ubuntu and Apache

Pi-hole by default runs on Lighttpd. Which makes a ton of sense when you want to run it on something like a Raspberry Pi.
My server already has Apache running though, so I did not have a need to have another webserver running. The super simple basic installer makes it possible to not install Lighttpd, but instead use another webserver to host Pi-hole‘s frontend on.

CORS failing and the solution

All seemed to work on first sight. But when I was actually setting things up, I ran into problems with the CORS checks in Pi-hole’s code. It would in some cases (mostly submitting forms through POST) fail with an error message like
Failed CORS: null vs…

After some digging I found that the PHP code that makes up the frontend of Pi-hole expects an ORIGIN header to be set in the request headers.
Apache doesn’t enforce these headers and therefore the resulting code would come up with a null value trying to access this header value from PHP global $_SERVER.

Now Apache is quite powerful when it comes to manipulating headers, so we can just manually fix this by setting this for the location or virtualhost where the Pi-hole frontend is located 🙂 All I had to do to get rid of this little bug was just doing the following;
RequestHeader set ORIGIN “gotgeeks.nl”

After adding this to the correct section and a reload of Apache’s config files all was fine.
You can add this inside a <location> tag, or directly inside a virtualhost. It can also be set in a .htaccess file, but I prefer to keep as much configuration in a central place for clarity.

So if you run into something similar, just try specifying the HTTP_ORIGIN header yourself, and manually set it to your own domain!

Happy adblocking!

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *