堆栈内存溢出
  简体   繁体   English

希望空文件夹返回404而不是403

[英]Want empty folder to return 404 instead of 403

 原文  2017-08-31 08:02:43       apache/ .htaccess/ httpd.conf/ http-status-code-403

问题描述

I use the following code in my httpd.conf file to block unwanted bots and visitors (eg hitting non existing wp-login pages): 我在httpd.conf文件中使用以下代码来阻止不需要的漫游器和访问者(例如,访问不存在的wp登录页面): 

SetEnvIf User-Agent BadBot GoAway=1
Order allow,deny
Allow from all
Deny from env=GoAway

This will give them a 403 Forbidden error. 这将给他们一个403禁止错误。 On my custom 403 page I save the IP's to a database for permanent blocking / disabling them from using contact forms etc. 在我的自定义403页面上,我将IP保存到数据库中,以永久阻止/禁止使用联系表格等。

This is working very well. 这运作得很好。 However I noticed that some users are being blocked because they visited an empty folder. 但是我注意到一些用户被阻止,因为他们访问了一个空文件夹。 This is unwanted. 这是不需要的。

Using Options -Indexes I have prevented directory viewing but this will also output a 403 Forbidden error. 使用Options -Indexes我已经阻止了目录查看,但是这也会输出403 Forbidden错误。

Question: How to serve and display a 404 error when visiting an empty folder instead of a 403? 问题:在访问空文件夹而不是403时如何提供和显示404错误?

1 个解决方案

解决方案1
 2 已采纳  2017-08-31 08:37:18

Since you appear to have access to httpd.conf then you can do something like the following in a server config or virtualhost context: 由于您似乎可以访问httpd.conf因此可以在服务器配置或virtualhost上下文中执行以下操作: 

RewriteEngine On
RewriteCond %{LA-U:REQUEST_FILENAME} -d
RewriteRule /. - [R=404]

Alternatively, near the top of your .htaccess file (since you've tagged your question .htaccess ), include the following (this will also work in a directory context): 另外,在您的.htaccess文件顶部附近(因为您已经标记了问题.htaccess ),请添加以下内容(这在目录上下文中也适用): 

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule . - [R=404]

The purpose of the pattern /. 模式的目的是/. (or . ) is to prevent a 404 being served for the document root. (或. )是为了防止将404提供给文档根目录。

Depending on where you define your custom ErrorDocument , you may get a different 404 response for each method. 根据定义自定义 ErrorDocument ,每种方法可能会得到不同的404响应。

Alternatively, in your custom 403, perform the same check for the "BadBot" and only log the entry if there is a match. 或者,在您的自定义403中,对“ BadBot”执行相同的检查,仅在存在匹配项时才记录该条目。 Or, only log the entry when the request does not map to a directory. 或者,仅在请求未映射到目录时才记录该条目。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 htaccess-返回404而不是403 - htaccess - return 404 instead of 403 对.htaccess的请求应返回404而不是403 - Requests to .htaccess should return 404 instead of 403 有没有办法强制 apache 返回 404 而不是 403? - Is there a way to force apache to return 404 instead of 403? 显示404而不是403 - Show 404 instead of 403 Apache Web 服务器 - 如何返回 404 错误而不是 403 - Apache Web Server - How to return 404 error instead of 403 拒绝通过404而不是403 - Denying via 404 instead of 403 apache:重定向到 403 而不是隐藏目录的 404 - apache: redirecting to 403 instead of 404 for hidden directories Apache 响应 404 而不是 403,忽略 F 标志 - Apache responds with 404 instead of 403, ignoring F flag HTACCESS,如果IP错误,则呈现404而不是403 - HTACCESS, render 404 instead of 403 upon wrong ip 403禁止的错误显示,而不是自定义的错误404页面 - 403 Forbidden Error display instead of a customised Error 404 page
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM