apache web server - allow a local ip only but still provide an error page? | Poal: Say what you want.

Welcome • User Guide
ToS • Privacy • Canary
Donate • Bugs • License

©2026 Poal.co

1.1K

• (edited )

apache web server - allow a local ip only but still provide an error page?

I'm trying to create a web page that's only accessible by the local lan. I've been able to do this, but I'd like to provide an error page for those who hit it from outside the local lan, as the server also provides access to resources for those outside the local network. This is what I have:

Alias /in "/var/www/inside" <Directory /var/www/inside/> ErrorDocument 403 /var/www/403/index.html Require ip 192.168.1 </Directory>

This works, but because it's being denied to everything except local lan, the error document handling returns an error that states it can't handle the request because of the require IP directive:

Forbidden

You don't have permission to access this resource.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Is there a way to have apache handle the error gracefully and direct the user to an error page? I don't want people outside the lan realizing there's some restricted access page there, it's just going to redirect to an image.

edit: solved: https://poal.co/s/AskPoal/575563/8809541a-27d3-49c4-895b-190f5b66f403#cmnts

I'm trying to create a web page that's only accessible by the local lan. I've been able to do this, but I'd like to provide an error page for those who hit it from outside the local lan, as the server also provides access to resources for those outside the local network. This is what I have: >Alias /in "/var/www/inside" ><Directory /var/www/inside/> >ErrorDocument 403 /var/www/403/index.html >Require ip 192.168.1 ></Directory> This works, but because it's being denied to everything except local lan, the error document handling returns an error that states it can't handle the request because of the require IP directive: >Forbidden > >You don't have permission to access this resource. > >Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. Is there a way to have apache handle the error gracefully and direct the user to an error page? I don't want people outside the lan realizing there's some restricted access page there, it's just going to redirect to an image. edit: solved: https://poal.co/s/AskPoal/575563/8809541a-27d3-49c4-895b-190f5b66f403#cmnts

(post is archived)

You are currently inside a comment thread.

Click here to see all the comments (11).

[–] • 0 pt

Kind of but not really. That's good if you're taking an an entire site down and only want a few IP addresses through, I need to let the Internet at large through to the main site while blocking it to the local site. It works with a simple require ip directive, but there doesn't appear to be a way to let that directive work AND let the error handlers work because the error handlers are blocked by the require directive. The reason I want an error handler is simple obscurity - it takes a bit more work to determine if there's a site there, and casual script kiddies will probably ignore it. Otherwise, you get the apache Forbidden screen, and that's a tipoff there's something there you're not supposed to see.

I think I have a solution, although it's not as elegant. There's another server that is accessed with a port number, but there's nothing on the *:80 service. I can put it there, but users won't be able to go to "https://example.com/internalsite", they'll have to go to "http://192.168.1.100" instead. It works, I guess.

parent
link