Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    Introducing Netgate Nexus: Multi-Instance Management at Your Fingertips.

    webgui doesn't start anymore after applying systempatches on 26.03

    Scheduled Pinned Locked Moved webGUI
    5 Posts 3 Posters 260 Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      stegbth
      last edited by

      Hi everyone,

      yesterday I applied the upgrade to PFsense+ 26.03 from 25.11.1.
      It came up and I installed two systempatches.
      After reboot, I'm unable to get the Webgui anymore.

      I can login with ssh and see no port 4444, which I have set is listening.
      There is Port 443 open with lighttpd, but this is only from pfblocker, not admin webgui.

      /var/etc/ipsec/strongswan.d: sockstat -l |grep 4444
      /var/etc/ipsec/strongswan.d: sockstat -l | grep 443
      root lighttpd_p 70267 4 tcp4 *:443 :

      Where do I find the webgui log, why it doesn't startup anymore?

      br
      Thomas

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG Offline
        Gertjan @stegbth
        last edited by Gertjan

        @stegbth

        Here : /var/log/

        Use the console /ssh menu to start the PHP 16) and Webgui 11)
        Then have a look at the latest log lines in /var/log/system.log and /var/log/nginx.log

        Plan Z : option 2) will reset the password, and all webgui settings.
        ( Have a look at the pfSense documentation about this subject first ))

        @stegbth said in webgui doesn't start anymore after applying systempatches on 26.03:

        Check if nginx is listening on some other port :

        sockstat -l | grep 'nginx'

        edit :
        About the two patches that came with 26.03 :
        These : "Fix potential stored XSS in ..."
        If you don't use the RSS reader in the GUI, and you don't use "ISC SHCP", these aren't critical.
        That said, I have them both applied.
        I do use the default TLS nginx port though, '443'.

        No "help me" PM's please. Use the forum, the community will thank you.

        S 1 Reply Last reply Reply Quote 0
        • S Offline
          stegbth @Gertjan
          last edited by

          Hi @Gertjan ,

          thanks for the hint about nginx.
          It complained about port 80 is already bound.

          It's bound from
          root lighttpd_p 16736 4 tcp4 *:443 :
          root lighttpd_p 16736 5 tcp4 *:80 :

          This seems to be related to pfblockerng.

          At least the webui is working again, I will check further.

          Thank you very much again.

          br
          Thomas

          S 1 Reply Last reply Reply Quote 0
          • S Offline
            stegbth @stegbth
            last edited by

            Hi,

            checking the box
            Webgui redirect removed the requirement of listening on port 80.
            No on http access a connection refused (or later the pfblocker lighttpd site) will be responded.

            97cb5f0d-289b-4f79-89c8-3928ea1edb70-image.png
            (Certificate is only modified for screenshot ;)

            SteveITSS 1 Reply Last reply Reply Quote 0
            • SteveITSS Offline
              SteveITS Rebel Alliance @stegbth
              last edited by SteveITS

              @stegbth the pfB virtual IP for DNSBL is usually attached only to localhost and listening on that VIP.

              Note in 25.11 and now 26.03 the VIP needs to be manually added to localhost and set in pfB DNSBL settings. May be related.

              Edit: that may be if uninstalled before the update, IIRC if it’s left installed it will keep it?

              To upgrade, select your branch in System/Update/Update Settings. When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
              Only install packages for your version of pfSense.
              Upvote 👍 helpful posts!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.