@svandive Look at the logs ? Have a look at what happens on the 'server' side : the web server GUI logs. Console or SSH access, option 8, and then : tail -f /var/log/nginx.log

@mbarlow So you use 24.11 ? The thing is, this file /usr/local/www/head.inc and line : [image: 1738838665684-76180f08-ef13-4e57-aade-40f47834143c-image.png] doesn't seem to match with what you have. There is no PHP on line 535. Ok, true, you use a 1100 so it's not 'amd/intel" based, you have an arm version. I'm presuming the GUI is still the same ... The fact that you use ZFS will protect you from file system issues. Just for the fun, when you have time, do the file check as explained in the video. It can't hurt ^^

@khb ah misread, sorry

Having gone ahead and created an explicit gateway group, with both WAN's Tier 1 .. and adjusting the LAN firewall rules to use that gateway group, enable/disable now works to simulate a wire pull for failover. I'll also note that performance is now very good, at peak 2x our previous best observed peaks (up+down)

@opoplawski The one liner method works also : $config = parse_config(true); print_r($config); exec

@Gertjan On a separate note Thank you for sharing the screenshot. I had been pulling my hair for the past few days trying to figure out why I could not access my WAN GUI from a external network. I had followed the steps and setup the rule. But your screenshot showed me that I also needed to specify the port within the rule to allow access rather than a choosing HTTP or HTTPS as the destination port FYI for anyone reading this, you need to pick Port Range as "other" and insert the Port you chose for your GUI which was set in System>Advanced> TCP Port I'm enjoying learning about all this all thanks to you @Gertjan. On behalf of all the newbies and rookies, thank you for all your contributions

@madmaxpr said in 24.11 GUI crash report from firewall log: nach Korrekturen suchen. thanks, i have installed the patch and is worked now without errors

@patient0 said in Error Response Received / Can't access the Web GUI But seems to be Working: And I would have thought that installing AdGuard (not an pfSense package AFAIK) @doug_gordon41 : A non pfSense package that uses the DNS port, thus blocking the resolver from using it. It has a web server, thus blocking the pfSense GUI from using it. Etc. Read Using Software from FreeBSD again ... Imho : re install pfSense.

@Fitin said in I can't access the web gui after changing hardware, but all services are working fine: now the only thing I can't access again is the pfSense webgui in any way What does the console menu shows you ? And : ifconfig Double check that you didn't mix WAN and some LAN port. ps aux | grep 'nginx' sockstat -4 | grep 'nginx' The new system has new ? other network interface ? If they got reordered at start, what previous firewall rules will be assigned to what interface ? ( just thinking out loud here )

@Gertjan 7zip did the trick. Thank you.

@Gertjan said in Shouldn't be here? (Solved): edit : which creates the hilarious situation where you can't apply (it was applied), neither revert the original patch : If you revert the second one then you can revert the original fix -- it's why they're ordered that way. So if you use apply all or revert all it will come out OK either way.

@Gertjan said in RESOLVED Configuration history hanging php: And "backupcount" is set to what ? 100 ? I couldn't check this value exactly because it was hanging. But based on the config size and the folder size, I would say a hundred indeed. This one ? Yes. How I didn't see that option to change the behavior Just changed to "Automatically backup on a regular schedule" and enabled ACB again.

@Gertjan Thank you for the reply! I want to go back and test this again later but it seemed when I ran the tail log in your first command (in ssh) the gui was more responsive. I really had to zip (10-15 consecutive page loads) around the gui with the nginx/system log both visible for it to actually lock up. I also double checked the unbound log, and manually restarted it to make sure it was catching a start. Unfortunately, the only 'start of service' message I received was the manual restart from the status > services page. I will add, while zipping through the highest CPU usage of the vm was 4.56%, I don't think that would be an evident issue at the moment but I'm open to suggestions. Additionally, being that this is a webgui issue. I'm currently using firefox ver: 134.0b10 (64-bit), I switched to beta during the youtube issue. This does appear on chrome as well. Outside of browser, I previously had the VM configured with full passover of the realtek (RTL8125) nic for the WAN interface, and a virtIO linux bridge for the LAN adapter. I stood up/rebuilt the pfsense vm, and re-added the config from a backup recently in an attempt to fix this issue, and both adapters are currenly virtIO linux bridge adapters.

@bmeeks Thanks, that makes perfect sense. Sorting timestamps in that month-first format would be a mess! My responses are being held for administrator approval since I just signed up to post this thread. Hopefully they still make sense being out of order. I had already found the setting you pointed me to, and also a timestamp format setting to make alpha sorting work properly.

@WhoAmI68 AFAIK pfSense has no concept of “from” like MySQL does (user@ip).

@GPz1100 said in GUI services in the system log are filled with nginx messages: @fireodo , @SteveITS I assume this does not survive updates and has to be edited each time? That is correct! Or has gui log level been added to a gui setting to be managed (set different log level or disable entire)? No, not in 2.7.2 and not in 24.11

@Almas said in How to increase nginx php-fpm timeout?: There was the file "/etc/inc/system.inc" was used to generate the /var/etc/nginx-webConfigurator.conf Just keep in mind that files like "/etc/inc/system.inc" will get updated (rewriiten, new version) when upgrading pfSense. Also, likewise, when patches are published and it modifies a file modified by you, the patch might not apply. So, keep some local documentation about your modifications, so you can re apply your mods later on, if needed.

Your rule has a syntax error. I believe this is an invalid address specification: 10.0.0.0/8 ![10.0.0.0/8] And you should post questions related to the IDS/IPS packages (Snort and Suricata) in the IDS/IPS sub-forum here: https://forum.netgate.com/category/53/ids-ips.