httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bennett Haselton <benn...@peacefire.org>
Subject Re: [users@httpd] how to make ErrorDocument apply to https:// site as well?
Date Mon, 26 Jul 2010 01:22:16 GMT
At 05:30 PM 7/25/2010, Eric Covener wrote:
> > A little more potentially useful information:
> > The 403 forbidden message that comes up when I try to access an 
> https:// URL
> > also says:
> > "Additionally, a 403 Forbidden error was encountered while trying 
> to use an
> > ErrorDocument to handle the request."
> >
> > So apparently Apache is *applying* the ErrorDocument directive to 
> https://
> > requests, it's just not able to find the /banned_ip.php file when 
> doing so.
>
>No, not "not able to find".  How did you "ban" the IP

in /var/www/html/.htaccess

>and how do you
>expect Apache to be able to serve the errordocument for the banned IP?

Well, it works for http URLs -- when I go to this address from my 
home IP (which is in the "banned" list), I see the banned_ip page 
(note my browser does not get redirected, I stay on the URL below but 
I see the contents of banned_ip.php):
http://209.160.28.154/

I assume that what you're saying is basically: Since my .htaccess 
file denies access to my IP to any file underneath /var/www/html , 
why should I expect the server to be able to serve the contents of 
banned_ip.php to me, and isn't that probably why I'm getting the 
error for https:// URLs?

That makes sense, but:
1) like I said, it works for http URLs; and
2) in any case, if that is the cause, what would be the 
solution?  Move banned_ip.php to a higher-level location like 
/var/www/banned_ip.php?  The problem with that is that the path 
specified for ErrorDocument has to be relative to the DocumentRoot, 
which is /var/www/html .  (And, putting "/../banned_ip.higher.php" in 
the ErrorDocument directive to jump one directory higher, does not 
work :) That just gives a 400 Bad Request error.)

> >
> > So since my directive says
> > ErrorDocument 403 /banned_ip.php
> > how come Apache can find that file when giving a 403 error in 
> response to an
> > https request, but not in response to an http request?
>
>Maybe you punched a hole in your config to allow access to the file,
>but only in the non-SSL vhost?

Unfortunately this is on a machine that's completely clean and I 
didn't make any other changes.  So I don't know why Apache is able to 
serve /var/www/html/banned_ip.php in response to 403 errors generated 
by http requests but not https requests.

         -Bennett 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message