Custom error page in Apache2 for 401

Asked 2/12, 2010 at 23:58 Answered 19/2, 2018 at 15:15

Solved apache apache2 custom-error-pages

Here's the relevant part of the .htaccess file:

AuthUserFile  /var/www/mywebsite/.htpasswd
AuthGroupFile /dev/null
AuthName  protected
AuthType Basic
Require valid-user

ErrorDocument 400 /var/www/errors/index.html
ErrorDocument 401 /var/www/errors/index.html
ErrorDocument 403 /var/www/errors/index.html
ErrorDocument 404 /var/www/errors/index.html
ErrorDocument 500 /var/www/errors/index.html

Docuement root is set to /var/www/mywebsite/web, it's on of many vhosts. I can navigate to the index.html page.

All I'm seeing is the generic Apache 401 page, any thoughts.

EDIT: This is the error message in my browser:

Authorization Required

This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

Additionally, a 401 Authorization Required error was encountered while trying to use an ErrorDocument to handle the request. Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch Server at www.dirbe.com Port 80

Strychninism answered 2/12, 2010 at 23:58 Comment(0)

Make sure that /var/www/errors is readable by the apache user and include this in your apache configuration:

<Directory /var/www/errors>
  Order allow,deny
  Allow from all
</Directory>

Snowinsummer answered 3/12, 2010 at 0:5 Comment(7)

No luck. And nothing in any of the error logs. I am seeing this on the error page though: "Additionally, a 401 Authorization Required error was encountered while trying to use an ErrorDocument to handle the request." – Strychninism 3/12, 2010 at 0:32

Try putting your require auth lines inside of a <Location /></Location> section. – Snowinsummer 3/12, 2010 at 0:58

thanks for the hint, but no avail. Got an error: <Location not allowed here – Strychninism 3/12, 2010 at 1:25

The apache documentation says that ErrorDocument can be a path relative to the document root, or an external URL that will be sent with a redirect. Since you're getting an Auth required message you might need two adjacent directories, one at /errors, and one at /protected, where the .htaccess in /protected would reference /errors/401.html as the ErrorDocument. – Snowinsummer 3/12, 2010 at 2:22

Sam's last comment solved my issue, so I've accepted his original answer. – Strychninism 7/12, 2010 at 19:31

I just came across this thread, and after reading Apache docs found out that "ErrorDocument not just CAN be a path relative to the document root but MUST be a relative to DocumentRoot. Seems no way to put those ErrorDocs out of the DR directory. – Bisayas 27/4, 2014 at 23:56

In other words, the ErrorDocument, if it's a path, is not a file path but a URL path, and that path must be accessible like a normal document (e.g. in the DocumentRoot). This is because the ErrorDocument directive does just a simple redirect. The chosen answer above (using Directory) is misleading and only correct in combination with an appropriate DocumentRoot configuration and (optional) specification of a VirtualHost block. – Hierocracy 23/8, 2019 at 15:51

ErrorDocument takes in a absolute URL path instead of a file path. So it should be:

ErrorDocument 404 /error/error.html

Assuming under your document root is a /error/error.html file.

Rident answered 19/2, 2018 at 15:15 Comment(2)

This should be the chosen answer. The important bit is, "URL path". Don't mistake it for a file path! – Hierocracy 23/8, 2019 at 15:54

Also make sure the file at this location is accessible like a "normal" document (e.g. just like index.html in your DocumentRoot). This is because the ErrorDocument directive does a simple redirect, no direct reading of the (file or) location. – Hierocracy 23/8, 2019 at 15:57

This question (and answers and comments) helped me a bunch, thanks much!

I solved a slightly different way, and wanted to share. In this case, we needed to provide a custom 401 error document and the root path needed to be proxied to a backend app.

So, for example, http://example.com needed to serve content from http://internal-server:8080/. Also, http://example.com needed to be protected using Basic Auth with a custom 401 error document.

So, I created a directory named "error" in the DocumentRoot. Here's the relevant lines from the vhost:

    ErrorDocument 401 /error/error401.html

    # Grant access to html files under /error
<Location "/error">
Options -Indexes
Order Deny,Allow
Allow from all
</Location>

    # restrict proxy using basic auth
<Proxy *>
Require valid-user
AuthType basic
AuthName "Basic Auth"
AuthUserFile /etc/apache2/.htpasswd
</Proxy>

    # Proxy everything except for /error
ProxyRequests Off
ProxyPass /error !
ProxyPass / http://internal:8080/
ProxyPassReverse / http://internal:8080/

Roehm answered 30/8, 2011 at 15:56 Comment(1)

Tried this, but i'm getting the error page before asking to login. Any ideas? – Umberto 23/2, 2017 at 11:24

Recommended topics

Hot tags