23

I created a .htaccess inside a directory in which I don't want the files to be directly accessed. It works and fires the default 403 page (Access forbidden!) of the Apache server. How can I create a custom 403 page? Thanks!

Dendromaniac
  • 378
  • 1
  • 14
fart-y-goer
  • 747
  • 3
  • 8
  • 27

4 Answers4

42

In your .htaccess file you can specify what document you want as your default 403 error document.

ErrorDocument 403 /dir/file.html

Here the directory is relative to the document root.

galoget
  • 722
  • 9
  • 15
JK.
  • 5,126
  • 1
  • 27
  • 26
14

You can do something like the following:


#Rewrite URL's
RewriteEngine On
RewriteRule ^404/?$ errors/404.html [NC]

# Enable Error Documents
# (404,File Not Found) | (403,Forbidden) | (500,Internal Server Error)
ErrorDocument 404 /404
ErrorDocument 403 /404

What this is doing is turning on the RewriteEngine so we can redirect url's nicely, then we are defining using the RewriteRule that /404/ or /404 should redirect to the custom 404 page. I then state that the ErrorDocument 404 and 403 should redirect to the 404 page. I do this for security so, a user does not know whether or not a file exists or if they just don't have access.

Aramael Pena-Alcantara
  • 358
  • 1
  • 3
  • 9
5

You can also add a custom inline error message via ErrorDocumnet in your .htaccess file as shown below:

    ErrorDocument 403 '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>403 Forbidden</title></head><p>Sorry, access to this page is forbidden.</p></body></html>'
B.K
  • 847
  • 10
  • 6
2

None is worked for me. I had to edit the file /etc/apache2/conf-enabled/localized-error-pages.conf and add the following

ErrorDocument 403 "403, Ok!?"
edib
  • 812
  • 1
  • 11
  • 20