I've the following configuration script in my Apache 2.4.7 installation:
<Directory "/www">
Options Indexes FollowSymLinks
AllowOverride All
<RequireAll>
Require all granted
Require not ip ip.range.A ip.range.B
</RequireAll>
RewriteEngine On
RewriteRule ^faq/(\w+)/(\d+)/?$ faq.php?code=$1&num=$2 [NC]
ErrorDocument 403 /www/faq.php?code=web&num=403
</Directory>
And, I'm receiving this error when I try to view a page using one of the blocked IP addresses:
Additionally, a 403 Forbidden error was encountered while trying to
use an ErrorDocument to handle the request.
Since I want to serve two kinds of 403 to the incoming clients; I've to redirect the users restricted by IP ranges A
and B
to be shown the faq/WEB/403/
page.
Is there some way to block access for users with those IPs and show them my custom ErrorDocument
page?
I did try using the following instead of the requireAll
tag (as defined in the RewriteCond
directive):
RewriteCond %{REMOTE_HOST} ^ip.range.A [OR]
RewriteCond %{REMOTE_HOST} ^ip.range.B
RewriteRule /faq/WEB/403/ [L,R]
but to no avail. Users were able to access the pages freely in the latter case.
The current configuration file is as follows (and no users are being blocked access to the web pages):
<Directory "/www">
Options Indexes FollowSymLinks
AllowOverride All
RewriteEngine On
RewriteRule ^faq/(\w+)/(\d+)/?$ faq.php?code=$1&num=$2 [NC]
RewriteCond %{REMOTE_HOST} ^ip.range.A [OR]
RewriteCond %{REMOTE_HOST} ^ip.range.B
RewriteRule /faq/WEB/403/ [L,R]
</Directory>
Best Answer
For this error :
You're protecting /www directory. As the 403 file is also in this directory it isn't served as access to this content is forbidden to user. You need to put your 403 page in it's own directory which doesn't belong to /www.
On having two separates pages depending on source IP, I'm not sure you can do that with apache config only.
ErrorDocument
are "special" commands which interrupts normal apache flow. A better way would be to do this in PHP or any serverside language.