Remove X-Pi-hole header

Also adds `X-Frame-Options: DENY` for the admin directory, so that an ad can't load it into a frame
8 years ago · 7bc2844b9d
parent ba283755be
commit 7bc2844b9d
1 changed files with 3 additions and 5 deletions
--- a/advanced/lighttpd.conf
+++ b/advanced/lighttpd.conf
@ -46,13 +46,11 @@ include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
 # If the URL starts with /admin, it is the Web interface
 $HTTP["url"] =~ "^/admin/" {
 	# Create a response header for debugging using curl -I
-	setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!" )
+	setenv.add-response-header = ( "X-Frame-Options" => "DENY" )
 }

 # If the URL does not start with /admin, then it is a query for an ad domain
 $HTTP["url"] =~ "^(?!/admin)/.*" {
-	# Create a response header for debugging using curl -I
-	setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." )
-        # rewrite only js requests
-        url.rewrite = ("(.*).js" => "pihole/index.js")	
+    # rewrite only js requests
+    url.rewrite = ("(.*).js" => "pihole/index.js")
 }