From f09c1663508aceca758a39a1912c549fa6339042 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 28 Mar 2017 23:02:00 +0100
Subject: [PATCH 1/2] Improve Error 404 page behavior

---
 advanced/index.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/advanced/index.php b/advanced/index.php
index 4cce2857..830ff4f5 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -1,15 +1,31 @@
 <?php
 /* Detailed Pi-Hole Block Page: Show "Website Blocked" if user browses to site, but not to image/file requests based on the work of WaLLy3K for DietPi & Pi-Hole */
 
+function validIP($address){
+	if (preg_match('/[.:0]/', $address) && !preg_match('/[1-9a-f]/', $address)) {
+		// Test if address contains either `:` or `0` but not 1-9 or a-f
+		return false;
+	}
+	return !filter_var($address, FILTER_VALIDATE_IP) === false;
+}
+
 $uri = escapeshellcmd($_SERVER['REQUEST_URI']);
 $serverName = escapeshellcmd($_SERVER['SERVER_NAME']);
 
 // Retrieve server URI extension (EG: jpg, exe, php)
+ini_set('pcre.recursion_limit',100);
 $uriExt = pathinfo($uri, PATHINFO_EXTENSION);
 
 // Define which URL extensions get rendered as "Website Blocked"
 $webExt = array('asp', 'htm', 'html', 'php', 'rss', 'xml');
 
+// Immediately quit since we didn't block this page (the IP address or pi.hole is explicitly requested)
+if(validIP($serverName) || $serverName === "pi.hole")
+{
+	http_response_code(404);
+	die();
+}
+
 if(in_array($uriExt, $webExt) || empty($uriExt))
 {
 	// Requested resource has an extension listed in $webExt

From ad9575ce18ddd7c5262c9af7540e7bcc8e9893d1 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 3 Apr 2017 16:28:18 +0200
Subject: [PATCH 2/2] Recognize more host names

---
 advanced/index.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/advanced/index.php b/advanced/index.php
index 830ff4f5..0ff84735 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -19,8 +19,19 @@ $uriExt = pathinfo($uri, PATHINFO_EXTENSION);
 // Define which URL extensions get rendered as "Website Blocked"
 $webExt = array('asp', 'htm', 'html', 'php', 'rss', 'xml');
 
+$AUTHORIZED_HOSTNAMES = array(
+	$ipv4,
+	$ipv6,
+	str_replace(array("[","]"), array("",""), $_SERVER["SERVER_NAME"]),
+	"pi.hole",
+	"localhost");
+// Allow user set virtual hostnames
+$virtual_host = getenv('VIRTUAL_HOST');
+if (! empty($virtual_host))
+	array_push($AUTHORIZED_HOSTNAMES, $virtual_host);
+
 // Immediately quit since we didn't block this page (the IP address or pi.hole is explicitly requested)
-if(validIP($serverName) || $serverName === "pi.hole")
+if(validIP($serverName) || in_array($serverName,$AUTHORIZED_HOSTNAMES))
 {
 	http_response_code(404);
 	die();