show default apache errors (404)

Problems with the Windows version of XAMPP, questions, comments, and anything related.

show default apache errors (404)

Postby rh+ » 28. July 2006 06:48

XAMPP dont show the default apache error message, how do i disable that and show the standard error message?, like this:

http://upload.wikimedia.org/wikipedia/e ... px-404.png

thanks
rh+
 
Posts: 19
Joined: 25. July 2006 04:07

Postby Izzy » 28. July 2006 07:56

Read this in the xampp\apache\conf\httpd.conf to get some ideas.

Code: Select all
#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#


Remember that any changes made in the above file will be over ridden by the file below. You would need to comment out this line if you did changes in the above file so the below file was not included:
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf


to this:
# Multi-language error messages
# Include conf/extra/httpd-multilang-errordoc.conf


Also if you comment out the above line and restart apache then go to a page you know will give you a 404 not found error you will see an apache default file minus the header and footer info. This may be enough to do what you want. I have not tested this on 1.5.3a, only on an earlier version that does not use those extra conf files.

Read this in xampp\apache\conf\extra\httpd-multilang-errordoc.conf
Code: Select all
#
# The configuration below implements multi-language error documents through
# content-negotiation.
#
# Required modules: mod_alias, mod_include, mod_negotiation
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections.  We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
#   Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /xampp/apache/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis.  The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.


Personally I prefer the included xampp error messages as they look more custom designed and give a bit more info than the millions of standard default apache error messages out there. You can customise these files also with ease if you know html.

I have created custom error messages for my Linux sites hosted in a DC out in the states as I like them to reflect the over all appearance of my web sites which include links back to the Home Page so visitors are not left stranded on an error page.

It is possible to create your custom error pages and include the info and path in your root web directory using a .htaccess file which will over ride the httpd.conf files on a site by site basis. This is what I use on my Linux boxes. It is very similar to the commented out error directives in the first httpd.conf code box above:
ErrorDocument 404 /path to your custom 404 error file/404.html

There may be other ways that I am not aware of but may be forthcoming by other readers of this thread.

Good Luck with it and how did you go with your reload httpd.conf issue. :)
Izzy
 
Posts: 3344
Joined: 25. April 2006 17:06

Postby rh+ » 28. July 2006 08:22

thanks again, im trying to use this with a small site (700 users/day top) with a PC only hosting that site, (problems with some hosting services make me try myself).
Im new in all this things, so i installed XAMPP and now im trying to give it the more security i can. (in first place, dont letting know that im using xampp, that has red letters telling "this is not secure for production use" :P .
If you have any tips/links for securying XAMPP/apache/php im learning :D
sorry if you cant understand anything (im from Argentina).

thanks again Izzy
rh+
 
Posts: 19
Joined: 25. July 2006 04:07

Postby Izzy » 28. July 2006 08:38

Take a look at this page and do as much reading as you can about it including a google search using mod_security or mod_sec as your key words:
http://www.modsecurity.org/

I found it to be an indespensable inclusion to securing my web servers.
ModSecurity is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web server module or standalone, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks.


Good luck with your site but remember there will be script kiddies try and hack your site no matter what you do, you just have to keep your eye on your log files to see what they are up to and try and close the holes they may find. Mod_sec with a good set of rules is a great weapon in your armoury to help with the fight to keep your web server secure.
Izzy
 
Posts: 3344
Joined: 25. April 2006 17:06


Return to XAMPP for Windows

Who is online

Users browsing this forum: dogmatic and 43 guests