Hi,
my general question is how I can generate customized error responses
while using the mod_rewrite module. Yes, I know the page
https://httpd.apache.org/docs/2.4/custom-error.html
but the ErrorDocument directive allows only to do some customization per
status code optionally refined by context but I want to output customized
error pages specifically for many different request conditions determined
mainly by various RewriteCond directives.
Here an actual special example: On a server running httpd 2.4 I want to
disallow the HTTPS access using the TLSv1.0 protocol. To order do that not
too "hard" but a little bit client-friendly TLSv1.0 accesses aren't yet
really disabled but redirected for a limited period to an according
information page. Currently that is realized with the following
configuration
RewriteCond %{SSL:SSL_PROTOCOL} ^TLSv1$
RewriteRule (.*) /https_tlsv10.html [R=permanent,L]
The big disadvantage of that solution is that it returns an obviously
incorrect HTTP response status code 301 ("Moved Permanently") but I want
that the server returns an appropriate 4xx or 5xx status code (ok, I am not
sure what would be an "appropriate" one). By the way, the current 301
redirection let some bots (using still TLSv1.0) nevertheless access that
information page many thousand times (but maybe they would that do also
with a returned 4xx or 5xx response status code).
Unfortunately for the RewriteRule directive for e.g. a Rewrite flag R=4xx
instead of R=permanent isn't allowed (only 300-399, why?) so I had
considered the usage of the <If> directive but didn't find a working
solution.
So maybe the only working solution is the detour via an external CGI
program.
Probably I have something overseen, so any ideas or comments?
Jens
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|