WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2026 Poal.co

849

I'm trying to create a web page that's only accessible by the local lan. I've been able to do this, but I'd like to provide an error page for those who hit it from outside the local lan, as the server also provides access to resources for those outside the local network. This is what I have:

Alias /in "/var/www/inside" <Directory /var/www/inside/> ErrorDocument 403 /var/www/403/index.html Require ip 192.168.1 </Directory>

This works, but because it's being denied to everything except local lan, the error document handling returns an error that states it can't handle the request because of the require IP directive:

Forbidden

You don't have permission to access this resource.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Is there a way to have apache handle the error gracefully and direct the user to an error page? I don't want people outside the lan realizing there's some restricted access page there, it's just going to redirect to an image.

edit: solved: https://poal.co/s/AskPoal/575563/8809541a-27d3-49c4-895b-190f5b66f403#cmnts

I'm trying to create a web page that's only accessible by the local lan. I've been able to do this, but I'd like to provide an error page for those who hit it from outside the local lan, as the server also provides access to resources for those outside the local network. This is what I have: >Alias /in "/var/www/inside" ><Directory /var/www/inside/> >ErrorDocument 403 /var/www/403/index.html >Require ip 192.168.1 ></Directory> This works, but because it's being denied to everything except local lan, the error document handling returns an error that states it can't handle the request because of the require IP directive: >Forbidden > >You don't have permission to access this resource. > >Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. Is there a way to have apache handle the error gracefully and direct the user to an error page? I don't want people outside the lan realizing there's some restricted access page there, it's just going to redirect to an image. edit: solved: https://poal.co/s/AskPoal/575563/8809541a-27d3-49c4-895b-190f5b66f403#cmnts

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (11).
[–] 1 pt

I believe your best option is not try to do all with the same website (virtualhost). Create 2 separate websites, and use the IP binding command to link one website to the local:

<VirtualHost 192.168.1.10:80>

Then create another virtualhost for the public site:

<VirtualHost 205.11.22.33:80>

Hope this helps, if not please let me know.

[–] 0 pt (edited )

I did try that, using the FQDN and the internal LAN address. It broke stuff. I think, however, you're talking about multiple daemons, which I can't do really due to lack of multiple external IP addresses.

I did try multiple virtualhosts inside the 000-sites-enabled.conf:

In this case, it's not possible due to serving on *:443 and *:80, which overrides any FQDN:PORT virtualhost instance later on in the config. Ordinarily I'd do it on :80 and not open that to the world, but the way the system is set up here, some things need to see an HTTP address to know they're authorized to do their work, as well as receiving codes every now and then. I know that's not the best way to do it these days, but when you work with legacy shit that's the way it is. I don't care that you might see "FQDN/docuroot/enterprise/transporterroom/button/code/YJ8MOP998S1

The original thing I tried worked, that of a "require ip 1.2.3.4" directive, but if you tried to access that directory outside of the LAN it gave Apache's Forbidden screen, which I don't want. Since you can't serve anything, even an error page, when you're forbidden, it didn't do what I needed.

What I really need to dig into is to see if there's an IF methodology. I know there's some basic logic Apache can do, but I haven't reached that stage yet.

[–] 1 pt

Maybe modrewrite could help you? Check this link:

https://httpd.apache.org/docs/trunk/rewrite/access.html

Specially the blocking of bots part, hope this helps!

[–] 0 pt

That's not really what I need, it's kind of a different use case. However, I decided to grab the "Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request." portion of the error and found this:

https://stackoverflow.com/questions/47747483/htaccess-403-forbidden-error-was-encountered-while-trying-to-use-an-errordocumen

After enabling the rewrite mod and adding the .htaccess as described, I can now hit the desired site internally (using the FQDN since the router hairpins) but it gets rejected with an error page outside the network. What a pain in the ass.