I created a .htaccess inside a directory in which I don't want the files to be directly accessed. It works and fires the default 403 page (Access forbidden!) of the Apache server. How can I create a custom 403 page? Thanks!

In your .htaccess file you can specify what document you want as your default 403 error document.

ErrorDocument 403 /dir/file.html

Here the directory is relative to the document root.

You can do something like the following:

#Rewrite URL's
RewriteEngine On
RewriteRule ^404/?$ errors/404.html [NC]

# Enable Error Documents
# (404,File Not Found) | (403,Forbidden) | (500,Internal Server Error)
ErrorDocument 404 /404
ErrorDocument 403 /404

What this is doing is turning on the RewriteEngine so we can redirect url's nicely, then we are defining using the RewriteRule that /404/ or /404 should redirect to the custom 404 page. I then state that the ErrorDocument 404 and 403 should redirect to the 404 page. I do this for security so, a user does not know whether or not a file exists or if they just don't have access.

You can also add a custom inline error message via ErrorDocumnet in your .htaccess file as shown below:

    ErrorDocument 403 '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>403 Forbidden</title></head><p>Sorry, access to this page is forbidden.</p></body></html>'

None is worked for me. I had to edit the file /etc/apache2/conf-enabled/localized-error-pages.conf and add the following

ErrorDocument 403 "403, Ok!?"