Problem redirecting 403 Forbidden to 404 Not Found

apache .htaccess mod-rewrite http-status-code-404 http-status-code-403
Kevin Loney picture Kevin Loney · Feb 14, 2009 · Viewed 33.2k times · Source

The pertinent part of my .htaccess looks like this:

Options -Indexes
<FilesMatch include>
    Order allow,deny
    Deny from all
</FilesMatch>
RedirectMatch 404 ^/include(/.*)$

And it's generating the following responses:

  • /include 403
  • /include/ 404
  • /include/config.inc 403

I can tell by looking at my pattern that problem is likely in the (/.*) part but everything I have tried gives me the same results; instead of consistently getting 404 I get a 404 for the one case and 403 for everything else. What is wrong with the expression I'm using? Alternatively since I have to do this for a few directories is there a blanket approach that would allow me to convert all 403 responses to 404?

UPDATE: I've found that by removing the FileMatch I get better results, so my .htaccess now looks like this:

Options -Indexes
RedirectMatch 404 ^/include(/.*)?$ # Added dlamblin's first suggestion

And generates the following responses:

  • /include 404
  • /include/ 404
  • /include/config.inc 403

UPDATE: Interestingly enough I have discovered that the following produces different output:

RedirectMatch 404 ^/include(/?|/.*)$
RedirectMatch 404 ^/template(/?|/.*)$

The template pattern works on all cases however include is still generating 403 for all files in include (e.g. /include/config.inc) Could this be an issue with the directory name and not a problem with the .htaccess file itself?

UPDATE: The following in my .htaccess was conflicting with redirect when accessing /include/config.inc.

<FilesMatch config>
    Order allow,deny
    Deny from all
</FilesMatch>

Answer

Bryan Rehbein picture Bryan Rehbein · Feb 14, 2009

I can understand why the /include isn't caught by your RedirectMatch, you aren't making the end '/' optional, however the /include/config.inc part is a bit on the puzzling side.

Here is what I got to work on Apache 2.2:

<FilesMatch /include(/?|/.*)>
    Order allow,deny
    Deny from all
</FilesMatch>

RedirectMatch 404 ^/include(/?|/.*)$

This handles these cases:

/include 404
/include/ 404
/include/config.inc 404

I had to change the FilesMatch part in order for the /include part to work properly.

EDIT:

The match line also works without the <FilesMatch> section in .htaccess and gives the expected results.

Related questions

htaccess redirect to https://www

I have the following htaccess code: <IfModule mod_rewrite.c> RewriteEngine On RewriteCond !{HTTPS} off RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteCond %{HTTP_HOST} !^www\. RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </…

Read More
Forbidden You don't have permission to access / on this server

All I wanted to do today was to write a redirect rule to a subfolder, e.g.: You enter the URL: example.com and you get redirected to example.com/subfolder Such a simple wish. I tried to find a …

Read More
Getting a 500 Internal Server Error on Laravel 5+ Ubuntu 14.04

I have installed Laravel many times on Windows OS but it never occurred this type of problem. This 500 internal server usually occurs when your "mod_rewrite" module is not turned on. However, on Ubuntu 14.04 this problem is giving me a …

Read More