Own logo



  • Hi guys,
    i was curious if possible to have own logo on the new 2.3 home page of Pfsense.
    thank you


  • Moderator

    Goto the Dashboard, click the "+" add widget Icon, and add the "Picture widget"… then click the picture wrench Icon to upload the picture...


  • Administrator

    you can replace the image(s) with whatever you want for personal use. If you plan on redistributing check the license.



  • @BBcan177:

    Goto the Dashboard, click the "+" add widget Icon, and add the "Picture widget"… then click the picture wrench Icon to upload the picture...

    thank you for your answer.
    I meant with the first picture on the 2.3 before you log in.
    see attached.
    does you steps apply to this ?
    thank you




  • I do this. go to /usr/local/www and find the logo-black.png file. then modify it as needed. I have done this as I want to be able to identify the correct firewall between the few we run. all in house and I dont modify anything else. As a side note it would be nice if in the menu, where you change themes there was an entry option to put in an identifier name string or the like so I didnt have to do this.




  • Thank you mike for your answer.
    this exactly the while idea behind. to identify which firewall I am working on.
    its working fine now. much appreciate it


  • Netgate

    I look at the address bar. That's easier than making sure I have the right image on the right firewall that has to be uploaded outside of config.xml.

    Even better is StartSSL or LetsEncrypt certificates and real host names with port 80 disabled.



  • @Derelict:

    I look at the address bar. That's easier than making sure I have the right image on the right firewall that has to be uploaded outside of config.xml.

    Even better is StartSSL or LetsEncrypt certificates and real host names with port 80 disabled.

    Thank you for your answer
    any suggestions how to do so using Startssl ? would this ssl affect the already configured vpn ssl ?


  • Rebel Alliance Global Moderator

    "to identify which firewall I am working on."

    So you don't know what firewall is what based upon name, fqdn, IP?

    Couldn't you just use names like pf-sitename.domain.tld or pfsense.sitename.domain.tld, pfsense.sitedomain.tld, pfsense.othersitedomain.tld, etc.. or if just using IP would they be different IP?

    While sure having logo that reflects the site is fine, sure why not, etc.  But that should just go inline with how you actually access pfsense.

    As to putting a cert that matches up with name, etc.  Are you accessing pfsense via public side with a public registered domain name.  Then sure you can use startssl or the new letsencrypt certs or any public CA that issues certs, etc.

    If your accessing them with rfc1918 IP address, or your own non public domain name.  You can just use your own self signed certs, be it issued from pfsense CA.  You can use just 1 as common CA, so you only have to trust the one CA for all your certs.  Or any other locally hosted CA that you trust to issue the certs, etc. Shoot even if accessed via public side and publidomain name you can still just use a selfsigned.  Normally the only people access pfsense web gui should be admin types and should be able to trust your internal CA that signed the certs in use.  Public signed certs are good for https that is accessed by the masses where you have no control over what CA's they trust..  If that is the case then sure startssl or letsencrypt are cheap/free ways to get that done.

    I would suggest you use a combination, where you use unique fqdn to access each instance of pfsense where in the fqdn is a way to distinguish which one your on.  I would think they are all different IPs as well, but maybe not depending on your sites, etc..  Yes a cert that has the cn of the unique fqdn and IP for good measure as a SAN, along with sure different logos for each one..



  • @johnpoz:

    "to identify which firewall I am working on."

    So you don't know what firewall is what based upon name, fqdn, IP?

    Couldn't you just use names like pf-sitename.domain.tld or pfsense.sitename.domain.tld, pfsense.sitedomain.tld, pfsense.othersitedomain.tld, etc.. or if just using IP would they be different IP?

    While sure having logo that reflects the site is fine, sure why not, etc.  But that should just go inline with how you actually access pfsense.

    As to putting a cert that matches up with name, etc.  Are you accessing pfsense via public side with a public registered domain name.  Then sure you can use startssl or the new letsencrypt certs or any public CA that issues certs, etc.

    If your accessing them with rfc1918 IP address, or your own non public domain name.  You can just use your own self signed certs, be it issued from pfsense CA.  You can use just 1 as common CA, so you only have to trust the one CA for all your certs.  Or any other locally hosted CA that you trust to issue the certs, etc. Shoot even if accessed via public side and publidomain name you can still just use a selfsigned.  Normally the only people access pfsense web gui should be admin types and should be able to trust your internal CA that signed the certs in use.  Public signed certs are good for https that is accessed by the masses where you have no control over what CA's they trust..  If that is the case then sure startssl or letsencrypt are cheap/free ways to get that done.

    I would suggest you use a combination, where you use unique fqdn to access each instance of pfsense where in the fqdn is a way to distinguish which one your on.  I would think they are all different IPs as well, but maybe not depending on your sites, etc..  Yes a cert that has the cn of the unique fqdn and IP for good measure as a SAN, along with sure different logos for each one..

    Thank you John,
    well explained big thank you



  • @johnpoz:

    "to identify which firewall I am working on."

    So you don't know what firewall is what based upon name, fqdn, IP?

    Couldn't you just use names like pf-sitename.domain.tld or pfsense.sitename.domain.tld, pfsense.sitedomain.tld, pfsense.othersitedomain.tld, etc.. or if just using IP would they be different IP?

    I like to apply different themes to the 3 pfsense boxes that I administer. Have you ever tried to compare 3 sets of ipsec settings across 3 different firewalls? It can get very confusing, and having a strong visual reference helps keep my head on straight.

    Sure, the address in the URL bar is a logical equivalent, but a different theme and image is more reliable when dealing with humans.