[TYPO3] 404 redirect and .htaccess

janus76 janus76uk at gmail.com
Mon Sep 15 10:42:23 CEST 2008 

Thanks Oliver for your reply.

I had another think over the weekend and I think I have solved the problem. 

The reason why I need it to work this way and not redirect to an external
page, is when the user gets a 404 page not found, I want them to still be in
the site and able to use the search facility or the menu or the site map to
try and find the page they were looking for.

As the whole directory is protected with a .htaccess file requiring a
specific user, then the 401 error is generated as the page effectively
redirects outside the site and then back in without any authorization. 

I think this causes the problem because it not a client request but a server
redirect. Therefore I assume there is no authorization attached to the
request.

To get round this I have added the IP address of the server to the .htaccess
file

AuthName "My Site protected"
 AuthType Basic
AuthUserFile /somewhere on the server/.htpasswd
Allow from (my server IP address)
Deny from all
Require user me
Satisfy Any

This seems to work.

Can you see any problems with this? Or any potential security issues?





Oliver Rowlands wrote:
> 
> Hi Janus,
> 
> 401 and 404 errors have nothing to do with each other.
> 
> A 401 will be fired by Apache if an authenticated/unauthenticated user 
> tries to access a URI he does not have access to. TYPO3 does not even 
> get triggered in that event as everything happens at the Apache level.
> 
> Have a look at Apache's custom error documents settings, add the 
> following to your .htaccess:
> 
> ErrorDocument 401 /401_error_page.html
> 
> You will need to set the <base> element in your HTML <head> in order for 
> your page assets (ie: CSS, images, JS, etc.) to work correctly.
> 
> Best regards,
> 
> Oliver
> 
> janus76 wrote:
>> I was wondering if anyone can help with this:--
>> here is my setup
>> Typo3 4.2.1
>> 
>> I have a site setup in a sub-directory on the web root call my_site:-
>> /-
>>   |
>>   my_site
>>   |
>>   Other Sites
>> 
>> I have setup a page not found page with id=10
>> 
>> configuring localconf.php with
>> $TYPO3_CONF_VARS['FE']['pageNotFound_handling'] =
>> '/my_site/index.php?id=10';
>> $TYPO3_CONF_VARS['FE']['pageNotFound_handling_statheader'] = 'HTTP/1.0
>> 404
>> Not Found';
>> 
>> this works fine.
>> However i wish to protect my_site with a simple .htaccess file i.e
>> 
>> AuthName "My Site protected"
>> AuthType Basic
>> AuthUserFile /somewhere on the server/.htpasswd
>> Require user me
>> 
>> By doing this I now get a 401 authorization required page.
>> 
>> is there anyway around this?
>> I am missing something in the configuration to set the
>> pageNotFound_handling
>> variable to a relative url?
>> 
>> any help on this would be appreciated
>> 
>> 
>> Thanks
>> 
>> Janus
> 
> 
> -- 
> Oliver Rowlands
> :: Liquid Light ::
> 
> E - oliver at liquidlight.co.uk
> W - http://www.liquidlight.co.uk
> 
> T - 00 44 (0)845 6 58 88 35
> F - 00 44 (0)845 6 58 44 35
> _______________________________________________
> TYPO3-english mailing list
> TYPO3-english at lists.netfielders.de
> http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english
> 
> 

-- 
View this message in context: http://www.nabble.com/404-redirect-and-.htaccess-tp19459873p19489073.html
Sent from the TYPO3 English mailing list archive at Nabble.com.

More information about the TYPO3-english mailing list