|How to return Error 404 on existing files and directories?|
| 3:00 am on Mar 27, 2013 (gmt 0)|
I have a directory on my server, for example "abc". Inside 3 files: abc.txt, abc.pm and abc.cgi (saying "Hello World!"). There is no index file there.
I need to return to any user or bot error 404, when they try to view any of this files or directory. Is it possible to make it with .htaccess?
Once again, I need server return Error 404, no any other type of errors like "Access Denied" etc.
| 4:02 am on Mar 27, 2013 (gmt 0)|
Yes it is possible. I do this on my server.
You want a Rewrite rule with a 404 status code. See the Apache documentation.
[edited by: jlnaman at 4:06 am (utc) on Mar 27, 2013]
| 5:01 am on Mar 27, 2013 (gmt 0)|
Thank you, jlnaman. It will help me too much if you can provide an example of such .htaccess, as I'm not very familiar with Apache.
| 2:26 pm on Mar 27, 2013 (gmt 0)|
Why don't you show this forum what you have tried in your .htaccess file? If there is a url or domain name, change it to example.com. I'm not going to write your .htaccess for you, but I will try to help you with a problem that isn't working the way you want. -or- you can Google "apache rewriterule 404 status" and see several examples that can get you into trouble if you just cut-and-paste without taking the time to get a little familiar with Apache.
| 3:10 pm on Mar 27, 2013 (gmt 0)|
There's several ways to achieve this. All are a single line of code and most have been posted many times before in this forum.
Let's see your attempt, then we can refine it.
| 4:01 pm on Mar 27, 2013 (gmt 0)|
At root dir I have the following .htaccess:
ErrorDocument 401 /errors/index.shtml?401
ErrorDocument 403 /errors/index.shtml?403
ErrorDocument 404 /errors/index.shtml?404
ErrorDocument 500 /errors/index.shtml?500
deny from all
deny from all
Inside /abc/ I've tried what I've seen at Apache website, but these doen't work for me:
RewriteRule ^/abc/(.+) http://www.example.com/errors/$1 [R,L]
RewriteRule ^/abc/(.+) /errors/index.shtml?404 [R,L]
I don't know where is a mistake.
| 4:16 pm on Mar 27, 2013 (gmt 0)|
You want the 404!
I think the NC is to be sure you cover abc, ABC, aBC, etc.
| 4:22 pm on Mar 27, 2013 (gmt 0)|
RewriteRule ^/abc/abc\..*$ - [R=404,L,NC]]
would return the default 404 page for your abc files
^/abc/.*$ for everything in /abc ?
- means don't redirect to anything. Why not let the server handle the not found using default?
| 5:19 pm on Mar 27, 2013 (gmt 0)|
If you redirect to the error page, then the user sees a 301 or 302 code.
You must return the 404 at the originally requested URL.
If you put code inside the /abc/.htaccess file, then the RegEx pattern must not mention the abc/ part of the requested URL as folder references are "localised" before being passed to mod-rewrite.
The simplest code, in the root htaccess file, would be:
RewriteRule ^abc/ /does-not-exist [L]
This rewrites any request beginning example.com/abc/ and tries to fetch a file called /does-not-exist from the server filesystem. As it does not exist, Apache invokes the ErrorDocument handler instead.
@user12 - Unused trailing (.+) captures are always redundant and can be omitted.
@jlnaman -Uncaptured .*$ is always redundant and can be omitted.
| 8:53 pm on Mar 27, 2013 (gmt 0)|
If you are new to Apache, do not repeat DO NOT put RewriteRules in more than one place. Either in more than one htaccess file, or within <Files> envelopes in a single htaccess file. mod_rewrite is the Swiss Army knife of Apache mods, meaning that you can not only cut yourself but also injure yourself in many other creative ways.
One unanswered question: Those off-limits files exist for a reason. That means someone uses them, and you need to make sure your rule doesn't exclude that someone. It may be as simple as a [NS] flag appended to a RewriteRule.
|Once again, I need server return Error 404, no any other type of errors like "Access Denied" etc. |
Are you sure? A 403 doesn't mean "The file exists but we're not letting you see it nyaah-nyaah". It only means "You've blundered into the wrong place". Ordinary humans are most likely to meet a 403 when they request the index file of a directory that doesn't have an index file.
403 pages are for humans. So you can make the ErrorDocument almost as friendly and helpful as the 404 document, including links to your most popular pages.
|<Files ".*"> |
deny from all
Unless you have the worst host in the world, you do not need this package. The server config file will already say the same thing. The host does not want people pawing around htaccess files any more than you do.