I am in charge of a site using Apache 2.0 on Red Hat 4.1.2.
I have configured the site to display a custom error page by adding this line to the .htaccess file in the site's root directory:
ErrorDocument 403 /403.html
For testing, I have blocked my own IP address in the site application; this results in something like this in the .htaccess file (I've edited the list for brevity and altered the IPs):
SetEnvIfNoCase REMOTE_ADDR "^(0\.0\.0\.1|0\.0\.0\.2|0\.0\.0\.3).*" BadIP
deny from env=BadIP
When I try to access the site from a "bad" IP, I get the custom error page if I try to get a specific page (for example, http://example.com/index.html).
However, if I try to get just the root directory (for example http://example.com), then I get the Apache test page instead.
Is there any way to get the root directory for the site to work with the custom error page?
EDIT: I think I may have caused some confusion. To clarify:
- when I try to get the root URL, the root page is not served; what I get is the page that says, "If you can read this page, it that means that the Apache HTTP server installed at this site is working properly." So I am blocked as expected, but I'm just not getting the 403 error page.
- when I try to get anything below the root, I get my custom 403.html page
UPDATE:
I've tried this on a more recent Apache version (2.2.25). I have also tried it without the ErrorDocument directive or SetEnv stuff. The .htaccess file contains only these 3 lines:
order allow,deny
allow from all
deny from 0.0.0.0
where 0.0.0.0 is replaced by my actual IP address.
The result is the same: when getting example.com I get the Apache "If you can read this" test page, and when getting example.com/x I get the built-in "Forbidden ... you don't have permission to access /x on this server" page.
