stackoom
  简体   繁体   中英

htaccess - return 404 instead of 403

 原文  2018-06-26 18:59:58       apache/ .htaccess/ http-headers/ http-status-code-404

Question

I'm running a webserver with apache2 on raspbian.

On /var/www/html/resources/, there are some files (with eg usernames, passwords) but I dont want to let anybody know that they exist, so I want to return a 404 (not found) status code instead of a 403 (forbidden).

(A 403 error would tell anybody that he is on the right way...)

Yes I have read many questions like this , and most of the links below this question is exactly what I need but it didn't work for me.

Do I have to change something in a file (httpd.conf,...)?

Here are all my attempts to return a 404 instead of 403.

If I try: 

 ## return 404 for each .htaccess RedirectMatch 404 ".*\\/\\..*"

in /var/www/html/.htaccess, I get a 403 instead of a 404 like I would expect, if I visit //localhost/.htaccess. 

 RewriteEngine On RewriteRule ^.*$ /404 [L]

Results in a Internal Server Error (500)

If I tried this: 

 # Will raise a 404 error, because the file <fake_file_for_apache_404.php> doesn't exist. # We change 403 to 404 ! ErrorDocument 403 /fake_file_for_apache_404.php # We need to rewrite 404 error, else we will have "fake_file_for_apache_404.php not found" ErrorDocument 404 "<!DOCTYPE HTML PUBLIC \\"-//IETF//DTD HTML 2.0//EN\\"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL <script type=\\"text/javascript\\">document.write(document.location.pathname);</script> was not found on this server.</p></body></html>"

I got a 403 in combination with a 404 (403 - the file I wanted to access was forbidden, 404 - the file I should become redirected was not found.)

So what am I doing wrong?

1 answers

solution1
 0  2018-06-26 21:38:27

You can make it in Perl. So, in the secret directories, in .htaccess: 

ErrorDocument 403 /cgi-bin/fake404.cgi

The mentioned /cgi-bin/fake404.cgi: 

#!/usr/bin/perl -w

use strict;

print 'Status: 404 Not Found
Content-Type: text/html; charset=UTF-8'."\n\n";

print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
'."<p>The requested URL $ENV{REQUEST_URI} was not found on this server.</p>\n</body></html>\n";

I tested the above Perl code: it works as expected.

PS And for secret files in non-secret directories, use the same directive in .htaccess-es, but in a <Files> of <FilesMatch> block.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Requests to .htaccess should return 404 instead of 403 Want empty folder to return 404 instead of 403 Is there a way to force apache to return 404 instead of 403? HTACCESS, render 404 instead of 403 upon wrong ip Show 404 instead of 403 Apache Web Server - How to return 404 error instead of 403 How to get .htaccess to return 404 instead of 500 for missing files Denying via 404 instead of 403 apache: redirecting to 403 instead of 404 for hidden directories if URI is directory, return 403 forbidden in htaccess
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM