Make an error page folder serve a 403 error to external requests

Question

I'm fiddling about with a server, and I've made one of the subdomains a proxy for a service that isn't always up. The server block looks like:

server {
    server_name servlet.example.org;
    error_page 502 /error/down.html;

    location / {
        proxy_pass http://127.0.0.1:12510;
        proxy_redirect default;
        proxy_intercept_errors on;
    }

    location /error/ {
        root /path/to/servlet;
        autoindex off;
    }
}

This serves /path/to/servlet/error/down.html to any request when the service is down and that's great.

My issue is that I would like to make any external request to /error/ return a 403 status code, with a custom error page of its own—say forbidden.html, also to be found in the /error/ folder. The internal directive sounds like it's what I want, but that returns 404s. I can't just override 404 errors on the whole server to a 403 with error_page, because the service may return 404s of its own and I'd like to preserve that.

Is this possible? How would I go about it? I have tried seemingly meaningful combinations of internal and error_page but can't get anywhere.

Barring that, can I at least serve a 403 to anything that would otherwise 404 in /error/? I.e. down.html and forbidden.html show up normally, but anything else gets a 403 and displays forbidden.html.

Have you tried simply including the `internal;` directive in the `location /error/` block? — Mathias R. Jessen, Jul 31 '14 at 19:33
@MathiasR.Jessen That returns 404 Not found errors. I am looking for 403s, if at all possible. — algorithmshark, Jul 31 '14 at 21:20

score 0 · Answer 1 · answered Aug 02 '14 at 07:58

I can't quite get the server to 403 everything in /error/ externally, but I managed the runner-up: to 403 everything not otherwise available.

I had to use rewrite to get it to work, because without it, a request to /error/ alone would give the default nginx error message, and not the custom one. That I still can't figure out.

server {
    server_name servlet.example.org;
    error_page 502 /error/down.html;
    error_page 403 /error/forbidden.html; # other error_pages for the
    error_page 404 /error/notfound.html;  #  proxy's output
    # ...

    location / {
        proxy_pass http://127.0.0.1:12510;
        proxy_redirect default;
        proxy_intercept_errors on;
    }

    location = /error/ {           # did you request /error/ ?
        rewrite .* /error/x last;  # not anymore!
    }                              # we can also omit autoindex now

    location /error/ {
        root /path/to/servlet;
        error_page 404 =403 /error/forbidden.html;
    }
}

Make an error page folder serve a 403 error to external requests

1 Answers1