At 05:29 PM 7/25/2010, Eric Covener wrote:
On Sun, Jul 25, 2010 at 8:23 PM, Bennett Haselton <bennett@xxxxxxxxxxxxx> wrote:> At 05:08 PM 7/25/2010, Eric Covener wrote: >>>> On Sun, Jul 25, 2010 at 6:55 PM, Bennett Haselton <bennett@xxxxxxxxxxxxx>>> wrote:>> > By the way, I posted this question on vworker.com (where you can post>> > "work>> > items" for contractors to bid on, although I more often use it to post >> > questions and then people submit bids for telling me the answer), and>> > someone told me the answer for $20. >> >>> > The answer, it turns out, is the /etc/httpd/conf.d/welcome.conf file has>> > its>> > own ErrorDocument 403 directive which matches the "/" page when the "/">> > page >> > gives a 403 error, so that's why I was getting the Apache test page.>> > Comment out the lines in welcome.conf or replace it with a zero-byte>> > file>> > and you're good. (It looks like on this machine we must have previously >> > figured this out at some point, because welcome.conf had been renamed to>> > welcome.conf.bak -- but then something mysteriously restored the>> > welcome.conf file, which broke it again. I assume it might have been a>> > "yum >> > update" which put back the welcome.conf file. Hopefully having a >> > zero-byte >> > file there will prevent yum updates from clobbering it.) >> >>> > This still does not solve the problem of why I'm not getting the right >> > custom 403 error when I go to https://209.160.28.154/ though... I still >> > don't know how to make the ErrorDocument directive apply to the https>> > site. >> >> There's nothing too special about ErrorDocument, see the basic rules >> of configuration sections here: >> >> http://httpd.apache.org/docs/2.2/sections.html >>>> And recusrively grep your configuration if you don't know what's there.> > I've already read that page and followed the directions, and it's not > working the way the page describes it, or at least, there's something > missing. The page says: > "What Directives are Allowed? -- > To find out what directives are allowed in what types of configuration > sections, check the Context of the directive." > > That's what I'm doing, and it does not work. The "context" for> ErrorDocument says "server config, virtual host, directory, .htaccess". I> have put the line > ErrorDocument 403 /banned_ip.php> in the httpd.conf file, in the ssl.conf file both inside and outside the> <VirtualHost> section, and in the .htaccess file, and none of those> combinations are working -- 403 errors in https urls are still giving the> default 403 error instead of the custom one. There's some extra step> required that's not in the documentation, at least not in that portion of> it. Do you know what it is? Sure your browser isn't showing you "friendly error messages" for a short error document?
Yes. I have that option turned off in IE. In any case, what I'm seeing is a "403 forbidden" message from Apache and not a "friendly" one inserted by IE. Besides, when I access http:// URLs that generate a 403 error, I do see the "your ip has been banned" message as expected. It's only for https:// URLs that it doesn't work.
Did you actually search your configuration for other ErrorDocument 403 directives that might have a higher precedence?
Yes. And anyway like I said I'm seeing the custom 403 error message when browsing http:// URLs. It's only https:// URLs that give the default 403 error instead of the custom one.
-Bennett
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|