15 replies to this topic

[alix]

hi
i'm running sort of an image board and i really want to keep some people out of it but i don't know how
for testing purposes only i tried

ErrorDocument 404 http://google.com

ErrorDocument 400 http://google.com

ErrorDocument 401 http://google.com

ErrorDocument 403 http://google.com

ErrorDocument 405 http://google.com

ErrorDocument 406 http://google.com

ErrorDocument 409 http://google.com

ErrorDocument 413 http://google.com

ErrorDocument 414 http://google.com

ErrorDocument 500 http://google.com

ErrorDocument 501 http://google.com

order deny,allow

deny from all

allow from my ip

but that doesn't really work, instead of redirecting to google it shows me the default

You may now add content to the directory /var/www/html/. Note that until you do so, people visiting your website will see this page and not your content. To prevent this page from ever being used, follow the instructions in the file /etc/httpd/conf.d/welcome.conf.

but if i go to mydomain.com/index.php then i do get redirected to google, so does anyone know a way to modify from htaccess (i don't have access to the server files just the httpdocs) to redirect unwelcome users?

[Mark Wylde]

I'm not sure what you're actually trying to do?

Are you trying to stop everyone getting access to your site? Or just stop them getting access to the directories?

If your trying to stop people getting access then the above should work. What is the actual URL that you are redirected to if they goto a wrong file?

[alix]

i just want them to get out of my site, including the root directory
like if you go to http://mydomain.com it should redirect you but instead of doing that it displays the homepage from /var/www/html

[Alexander]

From what you have done, you are redirecting some HTTP status codes to google.com.

You must redirect the status code 200 as well, this is called HTTP OK and is sent when the web server has found content to be served.

I question on what you are doing this for, I have never seen this being used, could you try to explain what you are wanting to do this for and maybe we could suggest better?

[alix]

well yea it is a bit weird
i'm like making a private thing that only few people should be allowed to see, kind of like a reverse block ip
originally i had a php function in my index checking the ip and if it
but then i found the htaccess thing which meant that now not only can they not see the page but they can't see any images or any other thing on that site
the point is i want to make this website look like it doesn't even exist

[Mark Wylde]

Again, when your site actually redirects to Google what is the full path in your browser. For example is it bringing back:
http://www.yoursite....tp://google.com

Or is it bringing back http://google.com/se...onmyownsite.htm

[alix]

ok here's an example
i bought this domain a while ago and i got canceled, now a lot of people know the domain but the original content is not there anymore so instead of wasting the domain i want to keeo something else on it, which only I and a couple of friends can see
so i want that people that aren't in the allow list on htaccess to see a totally different page than what my friends and I are seeing
like if you go on http://mydomain.com you should see something like the content of this page virtualbox.com
something that just says "website not available anymore"
kind of like a function in php
if ip = x then render-good-page();
else render-bad-page();
but i want to do that from htaccess and not a php function
so it doesn't matter where it redirects people as long as they stay away from the original content of the website

[Alexander]

If you were only wishing for a certain IP set to be allowed access, you can try the following

<Limit GET POST>
order deny,allow
deny from all
allow from 0.0.0.0
allow from 1.1.1.1
allow from 2.2.2.2
</Limit>

ErrorDocument 403 http://www.google.com

This would deny all users, and then finally allow users explicitly defined in the allow statements.

When denied, it is standard to send a 403 forbidden HTTP status code, and in this case it will send it to Google. I have not tested if the syntax is correct although it will remain the same.

[alix]

i get the same outcome as my old

ErrorDocument 404 http://google.com

ErrorDocument 400 http://google.com

ErrorDocument 401 http://google.com

ErrorDocument 403 http://google.com

ErrorDocument 405 http://google.com

ErrorDocument 406 http://google.com

ErrorDocument 409 http://google.com

ErrorDocument 413 http://google.com

ErrorDocument 414 http://google.com

ErrorDocument 500 http://google.com

ErrorDocument 501 http://google.com

order deny,allow

deny from all

allow from my ip

it appears that since it can't access the index.php in /httpdocs it just gets the one in /var/html/www
that's what i am trying to avoid

[Alexander]

I am unsure of what you mean, you are not telling me things.

All your ErrorDocuments are pointless and will never be reached by somebody on the outside because they are denied in the first place.

If they are granted access, it doesn't matter where the index is, or what they access, it is the same as if there was no restriction.

[alix]

well that's the point, if they are denied they should see the error
here's some screenshots to prove my point
here's the htaccess

<Limit GET POST>

order deny,allow

deny from all

#allow from myip

</Limit>


ErrorDocument 403 "hi"

here are screenshots



(click to see more)

[Alexander]

Why did you ask to redirect them then? Just remove the error document line and it will display an error, this is server and browser dependent so you may have to create your own and serve it.