Hi it would appear you have to format for blocking IP ranges sorted.

To specify custom error pages use the format

ErrorDocument Errornumber path/file (relative to public root/error pages)
example


# Begin Error Documents
ErrorDocument 403 /allow.access/403.html
ErrorDocument 404 /allow.access/404.html
# End error Documents

the actual pages may be htm html or shtml as long as the script is the same as the actual error pages. the # is for comments or memos only and may be discarded if you wish.

As a security tip you might want to place the following code at the top of your .htaccess file,

<Files .htaccess>
order allow,deny
deny from all
</Files>

this will prevent it from being read by others.


Hope this helps.

thanks for the help

ErrorDocument Errornumber path/file

i tried that but it is not working.

the message is...

'Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.'

Hi, your error pages are stored in the folder you stated /allow.access/

Each error needs its own page and the name of the page should be same as the error number ie error 404 will be page 404.html

These pages need to be stored in the folder called /allow.access.

I use the folder /errors (not very original I know)

and the architecture should be as below

public_html/
/allow.access
/400.html
/401.html
/402.html
/403.html

So you would then have pages named 400.html 401.html 402.html & 403.html contained in your own folder called /allow.access

page name have to be exact, including case so if your folder is /Allow.access thenit has to read the same in the .htaccess

The entries need to be near the very top of the htaccess file.
Check that the folder is readable for public.

ok.

i renamed file in /allow.access/ to 403.shtml

it is still showing defaut 403 message.

is there a way i can redirect 403 error to public_html/allow.access/index.html?

You can, just name the page that in your htaccess, but its not good practise to do that and could cause you a headache later down the road. It would be betetr to use a redirect inside the 403 page or other error page and do it that way. Always best to keep index.* pages for just that.

I am curious as to why you want to use index.html for this purpose?

Exocet@: we don't want to show people of the country that access is restricted for them.

and the problem is still unsolved. it is still showing default 403 message. also renaming file to 403.shtml did not work.

Does your line in the .htaccess read ErrorDocument 403 /allow.access/ to 403.shtml ?

I would be inclined to name it *.html not *.shtml unless you are including server side includes (another subject).

yes it is 403.html in /allow.access/ directory.

not working yet.

Can u post your .htaccess parts please.

if you want i can send you in email or message

i have sent you file. i don't whether you received as i don't see message in 'sent message'.

:: looking vaguely around for g1 or someone like him ::

Why don't you simply say at the beginning of your htaccess

<Files forbidden.html>
Order Allow,Deny
Allow from all
</Files>

? Works for me. Error logs no longer show each 403 followed by a second 403 referring to the 403 page itself. (Can you say "recursion"? ;))

Replace of course with the actual name of your 403 page. Mine is called "forbidden" because that is the host's default name; if I wanted to call it something else I would have to add a line like

ErrorDocument 404 /paintings/nopage.html

(that's the actual name of a directory-specific 404 page named in a separate htaccess).

Are you trying to set up a different 403 document for the people who are blocked for country-related reasons? Even the generic 403 doesn't say why you are blocked. In fact as a user I always thought of 403 as the "no index" document: it's what you get if you ask for a directory that has no named index file and isn't auto-indexed.

Are you trying to set up a different 403 document for the people who are blocked for country-related reasons?

yes exactly.

Have you tried anything with mod_rewrite? Something like

RewriteCond {here you list all the IPs you want to block, with [NC,OR] at the end of each line}
RewriteRule /.html$ public_html/allow.access/index.html [R=403,L]

Wait, stop the presses. Do you need to serve an actual 403, or do you just need to physically prevent them from seeing anything on your site? Is this a legal thing or an "I don't like your face" thing?

:: what do you mean, people who speak fluent Apache are allowed to take the occasional day off? ::

RewriteCond {here you list all the IPs you want to block, with [NC,OR] at the end of each line}
RewriteRule /.html$ public_html/allow.access/index.html [R=403,L]

lucy24@: yes there is so many such rewrite rules.

Wait, stop the presses. Do you need to serve an actual 403, or do you just need to physically prevent them from seeing anything on your site? Is this a legal thing or an "I don't like your face" thing?

we need to serve /allow.access/index.html

it is neither legal nor 'face' thing.

we just don't want to be spammed from particular country.