Re: [users@httpd] how to make ErrorDocument apply to https:// site as well?

Sun, 25 Jul 2010 18:22:48 -0700 

At 05:30 PM 7/25/2010, Eric Covener wrote:

> A little more potentially useful information:
> The 403 forbidden message that comes up when I try to access an https:// URL 
> also says:
> "Additionally, a 403 Forbidden error was encountered while trying to use an 
> ErrorDocument to handle the request."
>
> So apparently Apache is *applying* the ErrorDocument directive to https:// > requests, it's just not able to find the /banned_ip.php file when doing so. 

No, not "not able to find".  How did you "ban" the IP


in /var/www/html/.htaccess


and how do you
expect Apache to be able to serve the errordocument for the banned IP?



Well, it works for http URLs -- when I go to this address from my 
home IP (which is in the "banned" list), I see the banned_ip page 
(note my browser does not get redirected, I stay on the URL below but 
I see the contents of banned_ip.php):

http://209.160.28.154/


I assume that what you're saying is basically: Since my .htaccess 
file denies access to my IP to any file underneath /var/www/html , 
why should I expect the server to be able to serve the contents of 
banned_ip.php to me, and isn't that probably why I'm getting the 
error for https:// URLs?


That makes sense, but:
1) like I said, it works for http URLs; and

2) in any case, if that is the cause, what would be the 
solution?  Move banned_ip.php to a higher-level location like 
/var/www/banned_ip.php?  The problem with that is that the path 
specified for ErrorDocument has to be relative to the DocumentRoot, 
which is /var/www/html .  (And, putting "/../banned_ip.higher.php" in 
the ErrorDocument directive to jump one directory higher, does not 
work :) That just gives a 400 Bad Request error.)



>
> So since my directive says
> ErrorDocument 403 /banned_ip.php

> how come Apache can find that file when giving a 403 error in 
response to an

> https request, but not in response to an http request?

Maybe you punched a hole in your config to allow access to the file,
but only in the non-SSL vhost?



Unfortunately this is on a machine that's completely clean and I 
didn't make any other changes.  So I don't know why Apache is able to 
serve /var/www/html/banned_ip.php in response to 403 errors generated 
by http requests but not https requests.



        -Bennett 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org























					Reply via email to