apache 将 403 Forbidden 重定向到 404 Not Found 的问题
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/548156/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Problem redirecting 403 Forbidden to 404 Not Found
提问by Kevin Loney
The pertinent part of my .htaccess looks like this:
我的 .htaccess 的相关部分如下所示:
Options -Indexes
<FilesMatch include>
Order allow,deny
Deny from all
</FilesMatch>
RedirectMatch 404 ^/include(/.*)$
And it's generating the following responses:
它正在生成以下响应:
- /include 403
- /include/ 404
- /include/config.inc 403
- /包括 403
- /包括/ 404
- /include/config.inc 403
I can tell by looking at my pattern that problem is likely in the (/.*) part but everything I have tried gives me the same results; instead of consistently getting 404 I get a 404 for the one case and 403 for everything else. What is wrong with the expression I'm using? Alternatively since I have to do this for a few directories is there a blanket approach that would allow me to convert all 403 responses to 404?
我可以通过查看我的模式看出问题可能在 (/.*) 部分,但我尝试过的一切都给了我相同的结果;我没有一直得到 404,而是在一个案例中得到 404,对其他所有情况得到 403。我使用的表达式有什么问题?或者,由于我必须对几个目录执行此操作,是否有一种全面的方法可以让我将所有 403 响应转换为 404?
UPDATE:I've found that by removing the FileMatch I get better results, so my .htaccess now looks like this:
更新:我发现通过删除 FileMatch 可以获得更好的结果,所以我的 .htaccess 现在看起来像这样:
Options -Indexes
RedirectMatch 404 ^/include(/.*)?$ # Added dlamblin's first suggestion
And generates the following responses:
并生成以下响应:
- /include 404
- /include/ 404
- /include/config.inc 403
- /包括 404
- /包括/ 404
- /include/config.inc 403
UPDATE:Interestingly enough I have discovered that the following produces different output:
更新:有趣的是,我发现以下会产生不同的输出:
RedirectMatch 404 ^/include(/?|/.*)$
RedirectMatch 404 ^/template(/?|/.*)$
The template pattern works on all cases however include is still generating 403 for all files in include (e.g. /include/config.inc) Could this be an issue with the directory name and not a problem with the .htaccess file itself?
模板模式适用于所有情况,但是 include 仍然为 include 中的所有文件生成 403(例如 /include/config.inc)这可能是目录名称的问题而不是 .htaccess 文件本身的问题吗?
UPDATE:The following in my .htaccess was conflicting with redirect when accessing /include/config.inc.
更新:我的 .htaccess 中的以下内容与访问 /include/config.inc 时的重定向冲突。
<FilesMatch config>
Order allow,deny
Deny from all
</FilesMatch>
采纳答案by Bryan Rehbein
I can understand why the /include isn't caught by your RedirectMatch, you aren't making the end '/' optional, however the /include/config.inc part is a bit on the puzzling side.
我可以理解为什么 /include 没有被您的 RedirectMatch 捕获,您没有将结尾 '/' 设为可选,但是 /include/config.inc 部分有点令人费解。
Here is what I got to work on Apache 2.2:
这是我在 Apache 2.2 上的工作:
<FilesMatch /include(/?|/.*)>
Order allow,deny
Deny from all
</FilesMatch>
RedirectMatch 404 ^/include(/?|/.*)$
This handles these cases:
这处理这些情况:
/include 404
/include/ 404
/include/config.inc 404
I had to change the FilesMatch part in order for the /include part to work properly.
我必须更改 FilesMatch 部分才能使 /include 部分正常工作。
EDIT:
编辑:
The match line also works without the <FilesMatch> section in .htaccess and gives the expected results.
匹配行也可以在 .htaccess 中没有 <FilesMatch> 部分的情况下工作,并提供预期的结果。
回答by outis
Another possibility is not to bother matching the whole path:
另一种可能性是不费心匹配整个路径:
RedirectMatch 404 ^/include
If there are publicly visible URL paths that might start with "/include" (say, "/includeMe"), a small addition will separate the private from the public URLs:
如果有可能以“/include”开头的公开可见的 URL 路径(例如,“/includeMe”),一个小的添加将把私有 URL 与公共 URL 分开:
RedirectMatch 404 ^/include(/|$)
回答by ImmortalPC
With rewrite mod:
使用重写模式:
RewriteEngine on
RewriteCond %{THE_REQUEST} ^.*/\.
RewriteRule ^(.*)$ - [R=404]
Every file or dir who begin with a dot will be redirected to 404.
每个以点开头的文件或目录都将被重定向到 404。
/myDir/.svn => 404
/.gitignore => 404
/dir1/dir2_dir3/
Or to change all 403,400 errors into 404 errors, put this at the end of /etc/apache2/conf.d/localized-error-pagesOR into a .htaccess
或者要将所有 403,400 错误更改为 404 错误,请将其放在/etc/apache2/conf.d/localized-error-pages的末尾或放入.htaccess
# Will raise a 404 error, because the file <fake_file_for_apache_404.php> doesn't exist.
# We change 403 or 400 to 404 !
ErrorDocument 400 /fake_file_for_apache_404.php
ErrorDocument 403 /fake_file_for_apache_404.php
# We need to rewrite 404 error, else we will have "fake_file_for_apache_404.php not found"
ErrorDocument 404 "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL <script type=\"text/javascript\">document.write(document.location.pathname);</script> was not found on this server.</p></body></html>"
ErrorDocument 500 "Server in update. Please comme back later."
回答by ImmortalPC
A better and simple way is as follow :
一个更好更简单的方法如下:
1 - Insert in your main conf (ie Outside VHOST world) :
1 - 插入您的主 conf(即外部 VHOST 世界):
<IfModule mod_alias.c>
RedirectMatch 404 ^/myDirectory(?|\/)$
</IfModule>
with myDirectory = css, js, images ...
使用 myDirectory = css、js、图像 ...
2 - You can set a per directory -Indexes as follow :
2 - 您可以设置每个目录 -Indexes 如下:
Allow your "DirectoryIndex" Apache directive content to be served :
允许提供您的“DirectoryIndex”Apache 指令内容:
<Directory "/myPathtoMyWebDocRoot/">
Options Indexes
AllowOverride None
Order Allow, Deny
Allow from all
</Directory>
and Deny directory index for others :
并拒绝其他人的目录索引:
<Directory "/myPathtoMyWebDocRoot/myDirectory/">
Options -Indexes
AllowOverride None
Order Allow, Deny
Allow from all
</Directory>
with myDirectory = *, css, images, js, secret, ... following your needs.
使用 myDirectory = *, css, images, js, secret, ... 满足您的需求。
回答by dlamblin
Don't you want '^/include(/.*)?$'
你不想要 '^/include(/.*)?$'
This part is a guess, but what would happen if you put the RedirectMatch above the block. That way you wouldn't by denying (forbidding) access to a request before you redirect that request to 404.
这部分是一个猜测,但是如果将 RedirectMatch 放在块上方会发生什么。这样你就不会在将请求重定向到 404 之前拒绝(禁止)访问请求。
回答by kbec
This one works as expected for all files/dirs with name started by dot even in subdirectories:
对于所有名称以点开头的文件/目录,即使在子目录中,这个文件/目录也能正常工作:
<FilesMatch "^\..+">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
RedirectMatch 404 \/\..+$
回答by No name
In that case you do not need to use Options -IndexesMy solution to stop displaying directory's content as list and display 404 error is simple. Create .htaccess file in root directory of your project and write which directories should be protected.
在这种情况下,您不需要使用Options -Indexes我的解决方案来停止将目录内容显示为列表并显示 404 错误很简单。在项目的根目录中创建 .htaccess 文件并写下应该保护哪些目录。
Directories structure
目录结构
- your_root_directory
- .htaccess
- 404.html
- index.html
- app
- other files I do not want to show
- models
- other files I do not want to show
.htaccess
.htaccess
RewriteEngine On
RewriteRule ^app/ - [R=404,L]
RewriteRule ^models/ - [R=404,L]
ErrorDocument 404 /your_root_directory/404.html The second line of .htaccess disallow access to list items in app directory and all its subridectories.
ErrorDocument 404 /your_root_directory/404.html .htaccess 的第二行不允许访问应用程序目录及其所有子目录中的列表项。
The third line of .htaccess disallow access to list items in models directory and all its subridectories.
.htaccess 的第三行不允许访问模型目录及其所有子目录中的列表项。
The fourth of .htaccess line sets our own 404 error (if you do not want to show apache default error).
.htaccess 行的第四行设置了我们自己的 404 错误(如果您不想显示 apache 默认错误)。
Remember to clear cache on your browser when you work with htaccess.
使用 htaccess 时,请记住清除浏览器上的缓存。
