I'm running a webserver with apache2 on raspbian.
On /var/www/html/resources/, there are some files (with eg usernames, passwords) but I dont want to let anybody know that they exist, so I want to return a 404 (not found) status code instead of a 403 (forbidden).
(A 403 error would tell anybody that he is on the right way...)
Yes I have read many questions like this , and most of the links below this question is exactly what I need but it didn't work for me.
Do I have to change something in a file (httpd.conf,...)?
Here are all my attempts to return a 404 instead of 403.
## return 404 for each .htaccess RedirectMatch 404 ".*\\/\\..*"
in /var/www/html/.htaccess, I get a 403 instead of a 404 like I would expect, if I visit //localhost/.htaccess.
RewriteEngine On RewriteRule ^.*$ /404 [L]
Results in a Internal Server Error (500)
# Will raise a 404 error, because the file <fake_file_for_apache_404.php> doesn't exist. # We change 403 to 404 ! ErrorDocument 403 /fake_file_for_apache_404.php # We need to rewrite 404 error, else we will have "fake_file_for_apache_404.php not found" ErrorDocument 404 "<!DOCTYPE HTML PUBLIC \\"-//IETF//DTD HTML 2.0//EN\\"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL <script type=\\"text/javascript\\">document.write(document.location.pathname);</script> was not found on this server.</p></body></html>"
I got a 403 in combination with a 404 (403 - the file I wanted to access was forbidden, 404 - the file I should become redirected was not found.)
So what am I doing wrong?
You can make it in Perl. So, in the secret directories, in .htaccess:
ErrorDocument 403 /cgi-bin/fake404.cgi
The mentioned /cgi-bin/fake404.cgi:
#!/usr/bin/perl -w
use strict;
print 'Status: 404 Not Found
Content-Type: text/html; charset=UTF-8'."\n\n";
print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
'."<p>The requested URL $ENV{REQUEST_URI} was not found on this server.</p>\n</body></html>\n";
I tested the above Perl code: it works as expected.
PS And for secret files in non-secret directories, use the same directive in .htaccess-es, but in a <Files> of <FilesMatch> block.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.