Re: trying to ban IPs using htaccess - not working

By the way, I posted this question on vworker.com (where you can post "work items" for contractors to bid on, although I more often use it to post questions and then people submit bids for telling me the answer), and someone told me the answer for $20.

The answer, it turns out, is the /etc/httpd/conf.d/welcome.conf file has its own ErrorDocument 403 directive which matches the "/" page when the "/" page gives a 403 error, so that's why I was getting the Apache test page. Comment out the lines in welcome.conf or replace it with a zero-byte file and you're good. (It looks like on this machine we must have previously figured this out at some point, because welcome.conf had been renamed to welcome.conf.bak -- but then something mysteriously restored the welcome.conf file, which broke it again. I assume it might have been a "yum update" which put back the welcome.conf file. Hopefully having a zero-byte file there will prevent yum updates from clobbering it.)

This still does not solve the problem of why I'm not getting the right custom 403 error when I go to https://209.160.28.154/ though... I still don't know how to make the ErrorDocument directive apply to the https site.

        -Bennett

At 05:10 PM 7/23/2010, Bennett Haselton wrote:
I'm trying to ban certain IPs from visiting my site, so that they instead see a message saying "Your IP has been banned, email me if you think this is an error." I've *almost* got it working -- when people visit URLs like
http://209.160.28.154/index.html
or
http://209.160.28.154/foo-does-not-exist
they see the "banned IP" message. However, the problem is that if you try to access the front page:
http://209.160.28.154/
from a banned IP address, you see the "Apache Test Page for CentOS" page, instead of seeing the "banned IP" message. Anybody recognize this problem or have an idea of what could be causing it?

In my httpd.conf file, I changed "AllowOverride None" to "AllowOverride All" in both the default <Directory /> tag and inside the <Directory "/var/www/html"> tag -- I placed a modified copy of httpd.conf at:
http://209.160.28.154/httpd.conf
and in /var/www/html I placed a .htaccess file containing these lines:
>>>
ErrorDocument 403 /banned_ip.php
order deny,allow
deny from 71.112.32.149
>>>
and restarted the server. (The page http://209.160.28.154/banned_ip.php shows the message you're supposed to see when connecting from a banned IP. 71.112.32.149 is my home machine IP which I've "banned" for testing purposes.)

So like I said, that almost works, where http://209.160.28.154/index.html gives the right error message, but http://209.160.28.154/ does not. Any idea how to change it so that all URLs under http://209.160.28.154/ will give the "banned IP" message if connecting from a banned IP?

        -Bennett


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
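
A check for the cause identified in this thread, as an added example that is not part of the original messages: it lists every active `ErrorDocument 403` in a config directory together with its enclosing section, so a directive that shadows the one in `.htaccess` stands out. The function names and sample files are constructed for illustration, and the script assumes the server loads only `*.conf` files from that directory.

```shell
#!/bin/sh
# Added example, not from the thread. Lists each active "ErrorDocument 403"
# in the *.conf files of a directory, with the section that contains it.

# find_403_overrides DIR -> "file<TAB>line<TAB>section<TAB>target" per match
find_403_overrides() {
    for f in "$1"/*.conf; do      # assumption: only *.conf is loaded, so .bak is ignored
        [ -s "$f" ] || continue   # a zero-byte file has nothing to report
        awk -v file="$(basename "$f")" '
            /^[ \t]*#/         { next }                          # commented out
            /^[ \t]*<\//       { if (depth > 0) depth--; next }  # section closes
            /^[ \t]*<[A-Za-z]/ { s = $0; gsub(/^[ \t]+|[ \t]+$/, "", s)
                                 stack[++depth] = s; next }      # section opens
            tolower($1) == "errordocument" && $2 == "403" {
                sec = depth ? stack[depth] : "(server level)"
                printf "%s\t%d\t%s\t%s\n", file, NR, sec, $3
            }' "$f"
    done
}

# make_sample DIR: constructed files standing in for /etc/httpd/conf.d
make_sample() {
    cat > "$1/welcome.conf" <<'EOF'
# constructed sample modelled on a stock welcome.conf
<LocationMatch "^/+$">
    Options -Indexes
    ErrorDocument 403 /error/noindex.html
</LocationMatch>
EOF
    cp "$1/welcome.conf" "$1/welcome.conf.bak"              # renamed copy, not loaded
    printf '# ErrorDocument 403 /old.html\n' > "$1/other.conf"
}

demo() {
    d=$(mktemp -d) && make_sample "$d"
    echo "before:"; find_403_overrides "$d"
    : > "$d/welcome.conf"          # the zero-byte replacement described in the thread
    echo "after:";  find_403_overrides "$d"
    rm -rf "$d"
}
demo
```

Run against the real conf.d directory after a package update, a row whose section matches "/" is the kind of entry that produced the test page here.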



