Problem redirecting 403 Forbidden to 404 Not Found

Kevin Loney picture Kevin Loney · Feb 14, 2009 · Viewed 33.2k times · Source

The pertinent part of my .htaccess looks like this:

Options -Indexes
<FilesMatch include>
    Order allow,deny
    Deny from all
</FilesMatch>
RedirectMatch 404 ^/include(/.*)$

And it's generating the following responses:

  • /include 403
  • /include/ 404
  • /include/config.inc 403

I can tell by looking at my pattern that problem is likely in the (/.*) part but everything I have tried gives me the same results; instead of consistently getting 404 I get a 404 for the one case and 403 for everything else. What is wrong with the expression I'm using? Alternatively since I have to do this for a few directories is there a blanket approach that would allow me to convert all 403 responses to 404?

UPDATE: I've found that by removing the FileMatch I get better results, so my .htaccess now looks like this:

Options -Indexes
RedirectMatch 404 ^/include(/.*)?$ # Added dlamblin's first suggestion

And generates the following responses:

  • /include 404
  • /include/ 404
  • /include/config.inc 403

UPDATE: Interestingly enough I have discovered that the following produces different output:

RedirectMatch 404 ^/include(/?|/.*)$
RedirectMatch 404 ^/template(/?|/.*)$

The template pattern works on all cases however include is still generating 403 for all files in include (e.g. /include/config.inc) Could this be an issue with the directory name and not a problem with the .htaccess file itself?

UPDATE: The following in my .htaccess was conflicting with redirect when accessing /include/config.inc.

<FilesMatch config>
    Order allow,deny
    Deny from all
</FilesMatch>

Answer

Bryan Rehbein picture Bryan Rehbein · Feb 14, 2009

I can understand why the /include isn't caught by your RedirectMatch, you aren't making the end '/' optional, however the /include/config.inc part is a bit on the puzzling side.

Here is what I got to work on Apache 2.2:

<FilesMatch /include(/?|/.*)>
    Order allow,deny
    Deny from all
</FilesMatch>

RedirectMatch 404 ^/include(/?|/.*)$

This handles these cases:

/include 404
/include/ 404
/include/config.inc 404

I had to change the FilesMatch part in order for the /include part to work properly.

EDIT:

The match line also works without the <FilesMatch> section in .htaccess and gives the expected results.