I'm using a whitelist on IP's, and as such I'd like to inform the user why this is so.
order deny, allow
deny from all
allow from 24.11.95.152
My IP whitelist in HTACCESS ^
Now, I set the ErrorDocument to /403
ErrorDocument 403 /403
and finally I rewrite /403 to uhoh.php
RewriteEngine On
RewriteRule ^403/?$ uhoh.php [NC]
However, I still get the typical error from LiteSpeed.
You can use ErrorDocument directly with the file you wish to use for custom message.
In your case would look like this:
ErrorDocument 403 /uhoh.php
From your example, it looks like you're trying to double redirect the error page which is not really needed.
Related
Is it possible to with this code or a simillar with same functions, deny every direct access?
At the moment If I access the website it wont load any css or js, I need to allow, but I have no idea how I should allow with RewriteRule
RewriteRule ^(functions/|dist/|includes/|css/|js/) - [F,L,NC]
ErrorDocument 403 https://example.com
ErrorDocument 404 https://example.com
my page frequently gives errors like forbidden access or internal server error, i think the problem its because my .htaccess file configuration, here it is :
<Files ~ "^\.(htaccess|htpasswd)$">
deny from all
</Files>
Options Indexes
ErrorDocument 400 ../errors/400.html
ErrorDocument 401 ../errors/401.html
ErrorDocument 403 ../errors/403.html
ErrorDocument 404 ../errors/404.html
ErrorDocument 500 ../errors/500.html
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www\.bedif\.net)(:80)? [NC]
RewriteRule ^(.*) http://bedif.net/$1 [R=301,L]
DirectoryIndex index.html
order deny,allow
deny from ../tools/
deny from ../lightbox/
deny from ../errors/
deny from ../images/
2 things:
deny from ../tools/ makes no sense at all, and all your deny from lines are causing a 500 error. The mod_auth docs say the syntax for this is:
Deny from all|host|env=[!]env-variable
Which means it can either be a "all", a host/IP, or an environmet variable. ../tools/ is none of them. You can't put paths in a Deny.
The ErrorDocument directive takes either a full URL, or an absolute path to a file. Anything else, apache assumes you're giving it a specific error message. This means, if you go to a file that doesn't exist, you'll get a 404 and the page will literally say:
../errors/404.html
as the page's message, and not the contents of the html file. Change those to absolute paths.
I am using the following code in my .htaccess:
ErrorDocument 404 error_page.php?msg=404
When I trigger a 404 error, I get a page that says this:
error_page.php?msg=404
Is there something that I am doing wrong?
Thanks
Not sure if you can pass query strings to the document designated by ErrorDocument, Something you can try is using it in conjunction with mod_rewrite:
ErrorDocument 404 /error-doc-404
ErrorDocument 405 /error-doc-405
ErrorDocument 500 /error-doc-500
RewriteEngine On
RewriteRule ^error-doc-([0-9]{3})$ /error_page.php?msg=$1 [L]
Since this is in a subdirectory off of the document root, it changes everything.
Say the subdirectory is /something/
ErrorDocument 404 /something/error-doc-404
ErrorDocument 405 /something/error-doc-405
ErrorDocument 500 /something/error-doc-500
RewriteEngine On
RewriteRule ^error-doc-([0-9]{3})$ /something/error_page.php?msg=$1 [L]
Assuming that your error_page.php file is actually in the /something/ subdirectory.
I keep getting close to what I want, but I'm not quite there. Basically, I need to block direct access to a subdirectory, but treat it like a custom error message and not a redirect. I need to maintain the URL so that an index.php file can see the requested filename, and filter site member permissions against it, and then return the file itself. I think, if I can force a 403 error on denied access, then the ErrorDocument would take over. The following .htaccess is in the "files_dir" directory. the ErrorDocuments have already been working for me for a while, but the denied access is giving trouble:
<Files ~ "^/files_dir/protected_dir/.*$">
Order allow,deny
Deny from all
Satisfy All
</Files>
ErrorDocument 404 /files_dir/index.php
ErrorDocument 403 /files_dir/index.php
ErrorDocument 405 /files_dir/index.php
I would approach this with a rewrite rule:
RewriteCond %{PATH_INFO} ^/files_dir/protected_dir/ [NC]
RewriteRule .* - [F]
This won't cause a redirect (the URL would stay intact in the browser), but would return 403 Forbidden.
Don't get why you want apache to send the 403. You could just do that with php. The only thing you need is to rewrite all urls in the protected dir to index.php.
RewriteRule ^protected_dir/ index.php
then in php
if( !$logged_in )
{
header('HTTP/1.1 403 Forbidden');
echo 'not allowed. etc.';
...
How can I get the user to be redirected if their IP was matched on the deny of an IP address, e.g.
<Limit GET POST PUT>
order allow,deny
allow from all
deny from {removed IP address}
</Limit>
I need them to be redirected to a specific website when they are denied from accessing.
Needing help with this..
Setup a script to handle 403 errors by adding this line to your .htaccess:
ErrorDocument 403 /forbidden.php
Then handle the redirect in the script:
<?php
header('Location: http://google.com');
Or to keep it all in .htaccess you could do:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} 127.0.0.1
RewriteRule (.*) http://google.com [R]
Simple solution using only htaccess
ErrorDocument 403 https:///google.com
Order Allow,Deny
Allow from 127.0.0.0/8
Allow from x.x.x.x
Allow from y.y.y.y
Make sure to comment out the directives in welcome.conf, otherwise it will keep overriding your custom ErrorDocument directive.
After that, you can put your ErrorDocument directive in VirtualHost, Document directive or in your .htaccess https://httpd.apache.org/docs/2.4/custom-error.html
Like so:
ErrorDocument 403 <Local file/Remote URL>
And if this doesn't work, then you will have to look into your CORS rule