By the way, I posted this question on vworker.com (where you can post
"work items" for contractors to bid on, although I more often use it
to post questions and then people submit bids for telling me the
answer), and someone told me the answer for $20.
The answer, it turns out, is the /etc/httpd/conf.d/welcome.conf file
has its own ErrorDocument 403 directive which matches the "/" page
when the "/" page gives a 403 error, so that's why I was getting the
Apache test page. Comment out the lines in welcome.conf or replace
it with a zero-byte file and you're good. (It looks like on this
machine we must have previously figured this out at some point,
because welcome.conf had been renamed to welcome.conf.bak -- but then
something mysteriously restored the welcome.conf file, which broke it
again. I assume it might have been a "yum update" which put back the
welcome.conf file. Hopefully having a zero-byte file there will
prevent yum updates from clobbering it.)
This still does not solve the problem of why I'm not getting the
right custom 403 error when I go to https://209.160.28.154/
though... I still don't know how to make the ErrorDocument directive
apply to the https site.
-Bennett
At 05:10 PM 7/23/2010, Bennett Haselton wrote:
I'm trying to ban certain IPs from visiting my site, so that they
instead see a message saying "Your IP has been banned, email me if
you think this is an error." I've *almost* got it working -- when
people visit URLs like
http://209.160.28.154/index.html
or
http://209.160.28.154/foo-does-not-exist
they see the "banned IP" message. However, the problem is that if
you try to access the front page:
http://209.160.28.154/
from a banned IP address, you see the "Apache Test Page for CentOS"
page, instead of seeing the "banned IP" message. Anybody recognize
this problem or have an idea of what could be causing it?
In my httpd.conf file, I changed "AllowOverride None" to
"AllowOverride All" in both the default <Directory /> tag and inside
the <Directory "/var/www/html"> tag -- I placed a modified copy of
httpd.conf at:
http://209.160.28.154/httpd.conf
and in /var/www/html I placed a .htaccess file containing these lines:
>>>
ErrorDocument 403 /banned_ip.php
order deny,allow
deny from 71.112.32.149
>>>
and restarted the server. (The page
http://209.160.28.154/banned_ip.php shows the message you're
supposed to see when connecting from a banned IP. 71.112.32.149 is
my home machine IP which I've "banned" for testing purposes.)
So like I said, that almost works, where
http://209.160.28.154/index.html gives the right error message, but
http://209.160.28.154/ does not. Any idea how to change is to that
all URLs under http://209.160.28.154/ will give the "banned IP"
message if connecting from a banned IP?
-Bennett
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
