Solved

Root directory protected via basic auth, thus 401 error document can't be displayed

Posted on 2004-09-18
7
564 Views
Last Modified: 2010-03-04
In my httpd.conf file, under one of my virtual hosts, I have the / directory password protected using http basic auth. If a user doesn't enter a valid username/password combo, I would like to display a custom error document to them, telling them to signup to my site. Unfortunately when using "ErrorDocument 401 /noaccess.html" the noaccess.html (according to my error.log file) must be a file accessible via the current virtual host.

Since the / directory is protected, and /noaccess.html is within that directory it is also protected and I just receive Apache's standard 401 error, with an additional message on the bottom saying the 401 page is also returning 401.

Here is the (relevant) config:

<Virtualhost my.hostname.com>
   <Location />
      PerlAuthenHandler Apache::SecureCheck
       AuthType Basic
       AuthName MyDomain
      require valid-user
   </Location>
   <Location /noaccess.html>
        allow from all
   </Location>
   ErrorDocument 401 /noaccess.html
</VirtualHost>

I have shuffled around the order of the two <Location> blocks and the Error 401 tag, with no luck.

Also, if possible, i'd like to have noaccess.html located on a different virtual host, or even in a non-web accessible directory. Currently I am hoping to accomplish this via

Alias /noaccess.html /home/me/noaccess.html

However, I have tried removing the alias command, and using an actual file with no luck displaying the noaccess.html file.

Thanks
0
Comment
Question by:topsoil
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 38

Expert Comment

by:yuzh
ID: 12098969
Put the following .htaccess file:

ErrorDocument 401  /noaccess.html

also have a look at the answer in:
http:Q_20901798.html
0
 
LVL 38

Accepted Solution

by:
yuzh earned 125 total points
ID: 12099019
or you can defined it in your main server config file httpd.conf:

ErrorDocument 401 /Subscription/how_to_subscribe.html

For more details:
http://httpd.apache.org/docs/custom-error.html
Tutorial + error codes:
http://www.htmlcenter.com/tutorials/printtutorial.cfm?id=150&type=General
0
 
LVL 15

Assisted Solution

by:periwinkle
periwinkle earned 125 total points
ID: 12102927
I think what he's saying, yuzh, is that he's password protected the entire site - they can't get the 403 or 401 page without entering a name and password.

I would suggest putting the entire site in a password protected subdirectory, and only have the 401, 404, and 403 documents in the root directory...
0
 
LVL 9

Assisted Solution

by:_GeG_
_GeG_ earned 125 total points
ID: 12110039
i am not sure, but put a files directive in your conf file,

<files your4040file.html>
order allow, deny
allow from all
satisfy any
</files>

I haven't tried it, but this should do the trick. I am not sure in which order the authorization works, so maybe you will have to put your error files in a subdirecotry and use directory directives, like

<directory directory_for_error_files>
order allow, deny
allow from all
satisfy any
</directory>
0
 
LVL 2

Assisted Solution

by:rootkiddy
rootkiddy earned 125 total points
ID: 12130085
GeG 100% correct.

allow from all  <--- Would normally grant access
satisfy any

The "satisfy any" is the piece that tells apache that you will accept the previous require "user, group, etc." or you will accept based on mod_access.  This is a configuration that I have on a few sites.

Suggestion is that if you have more than one custom error document then you might consider putting them in a directory and using the one of the directory configurations (directory, location, etc.) or name the files similar where you can do a filesmatch.
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question