Pi-hole behind your nginx reverse proxy

Pi-hole®: A black hole for Internet advertisements


Install Pi-hole by running

sudo -s
curl -sSL https://install.pi-hole.net | bash

and follow the instructions:

Then change the Pi-hole port from 80 to e.g. 86:

vi /etc/lighttpd/lighttpd.conf
server.port = 86

and restart lighthttpd

systemctl enable lighttpd.service && service lighttpd restart

Now modify your nginx (reverse proxy) configuration (either “/etc/nginx/conf.d/gateway.conf” or “/etc/nginx/conf.d/nextcloud.conf”) and add:

location ^~ /pihole {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#auth_basic "Restricted Area";
#auth_basic_user_file /etc/nginx/.htpasswd;
proxy_read_timeout 90;

Find more information on: Nextcloud 13, Roundcube, WordPress, Shellinabox and Pi-hole behind a NGINX reverse proxy.

Change the DNS setting in your router to the IP of your Pi-Hole ( and e.g. open-dns ( as an alternative DNS:

Then restart nginx as well

service nginx restart

and call your Pi-hole in your preferred browser:


From now all clients will requests DNS from Pi-hole forwarded by your origin dhcp-router (e.g. fritz.box). If you want to modify your clients in particular just configure the DNS manually in the network interfaces:

primary DNS: (your Pi-hole)
secondary DNS: (openDNS)

Enjoy your Nextcloud and Pi-hole®: A black hole for Internet advertisements

Carsten Rieger

9 Responses

  1. Andreas says:

    Hallo Carsten,

    vielen Dank für Deine Anleitungen an der Stelle! Ich habe bislang noch nichts Vergleichbares gefunden, das so weit gedacht ist.

    Es gibt leider zwei Probleme mit dem pihole auf meinem Odroid C2, nach Deinem Advanced Nextcloud-Guide eingerichtet:
    – “No IP addresses found! Please run ‘pihole -r’ to reconfigure” am Ende der pihole-Konfiguration und
    – der Aufruf von https://…/pihole für immer auf https://…/login der Nextcloud, ich kann also nginx nicht die neue Location beibringen (ich verwende /etc/nginx/conf.d/nextcloud.conf als config.

    Stört die fehlende statische IP-Zuweisung? Ich denke, hier wird etwas nicht korrekt geparst.
    Wo genau gehört die Location eingebaut (/netdata ist auch schon dabei)?

    Vielen Dank und LG, Andreas.

  2. Manfred says:

    Hallo Carsten,
    wieder eine super Anleitung.
    Hat alles super geklappt.

  3. Ingolf says:

    Hello Carsten,
    I have tried your variant in a very similar form, but the admin interface opens with the note “Javascript is disabled”. Unfortunately, in this way, the admin interface is not really usable.
    My configuration is as follows:
    pi-hole runs on a separate machine in the standard configuration. In my internal network, I cann access the admin interface normally.
    On my reverse proxy I set the following:

    location ^~ /pihole {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    auth_basic “Restricted Area”;
    auth_basic_user_file /etc/nginx/.htpasswd;
    proxy_read_timeout 90;

    Do you know what I have to do to make it work over the proxy correctly?

    • Hi Ingolf, It seems the port wasn’t set properly?
      Did you apply port e. g. 86 @ vi /etc/lighttpd/lighttpd.conf server.port = 86
      Then replace proxy_pass;.
      Cheers Carsten

      • Ingolf says:

        No, this I didn’t have tried, but I think this will not change the behaviour of missing JavaScript. What’s the reason, that you changed the port? And why do you think, that changing the port would bring up JavaScript?
        Nevertheless, I will test it.

Leave a Reply

Your email address will not be published. Required fields are marked *