403 error page not using stylesheet or displaying images

Rank_Outsider
Power User

Hi,

 

I block access to our site from known spammers/hackers using a htaccess file, at which point a custom 403 error page is shown.

 

This page works fine when the user is being blocked because they've tried to access a directory instead of a page, but if they're blocked due to the htaccess file then the stylesheet and company logo are not loaded by the page.

 

If it was just spammers and the like I wouldn't care, but we will sometimes block genuine users who are using dynamic IP addresses where the IP address was previously used by a spammer etc (actually happened today - luckily the blocked user knows us and emailed us a screen shot).  I'd like them to have a 'proper' looking company page so that they know they've come to the right site and are more likely to email us to let us know they are being incorrectly blocked.

 

Is there any way to modify the htaccess file to allow blocked IP addresses to access our logo and stylesheets so that the 403 error page displays correctly?

 

It's not a big or serious problem, but I'd like to fix it if possible - thank you!

1 ACCEPTED SOLUTION

Sogo7
Grand Master

Without seeing all the code or even a link to the site it's hard to give a precise answer

 

As a workaround why not embed the required images in the 403 page itself using base64 encoding?

 

There's a free encoder at http://www.greywyvern.com/code/php/binary2base64

and simple instructions

Lovelogic.net UK Jobs Scanner
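
The base64 embedding suggested in the answer above, as an added example that is not part of the original thread: a Python build step that inlines a page's local stylesheet as a `<style>` block and its local images as `data:` URIs, so the 403 page renders even when the visitor's IP is denied every other file. The file names, directory layout and page markup are constructed for the demo, and relative URLs are assumed to be relative to the web root.

```python
import base64
import mimetypes
import re
import tempfile
from pathlib import Path

LINK_TAG = re.compile(r"<link\b[^>]*>", re.I)
HREF = re.compile(r'\bhref="([^"]+)"', re.I)
IMG_SRC = re.compile(r'(<img\b[^>]*?\bsrc=")([^"]+)(")', re.I)
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"constructed-bytes"  # constructed, not a real image

def local_file(url, docroot):
    """Map a site-relative URL to a file under docroot, or None if it must stay as-is."""
    if re.match(r"(?:[a-z][a-z0-9+.-]*:|//)", url, re.I):
        return None  # absolute URL or an existing data: URI
    root = docroot.resolve()
    target = (root / url.lstrip("/")).resolve()
    # Never inline anything outside the web root (e.g. "../../etc/passwd").
    return target if root in target.parents and target.is_file() else None

def inline_assets(html, docroot):
    """Return html with local stylesheets and images embedded in the page itself."""
    def css(m):
        href = HREF.search(m.group(0))
        path = local_file(href.group(1), docroot) if href else None
        if path is None or "stylesheet" not in m.group(0).lower():
            return m.group(0)
        return "<style>\n" + path.read_text(encoding="utf-8") + "\n</style>"
    def img(m):
        path = local_file(m.group(2), docroot)
        if path is None:
            return m.group(0)
        mime = mimetypes.guess_type(path.name)[0] or "application/octet-stream"
        b64 = base64.b64encode(path.read_bytes()).decode("ascii")
        return f"{m.group(1)}data:{mime};base64,{b64}{m.group(3)}"
    return IMG_SRC.sub(img, LINK_TAG.sub(css, html))

def demo():
    """Build a constructed site in a temp dir and return its self-contained 403 page."""
    page = ('<html><head><link rel="stylesheet" href="/css/site.css"></head><body>'
            '<img src="/images/logo.png" alt="logo"><img src="https://example.com/x.png">'
            "<h1>403 Forbidden</h1></body></html>")
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "css").mkdir()
        (root / "images").mkdir()
        (root / "css" / "site.css").write_text("body{color:#333}", encoding="utf-8")
        (root / "images" / "logo.png").write_bytes(SAMPLE_PNG)
        return inline_assets(page, root)
```

`url(...)` references inside the stylesheet are not rewritten, so background images declared in CSS would still be fetched separately.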

4 REPLIES 4

Rank_Outsider
Power User

 

Thank you Sogo7, I'd never heard of base64 encoding before, but it looks interesting and I will look into it further - thanks for the tip.

 

Sorry for not including links or code - sloppy of me.

 

The web site is www.neotherix.com and the 403 page is at http://www.neotherix.com/403error.php

 

An example of the htaccess file code (i.e. the first few lines) is:

# Allow directives are evaluated first, then Deny; a matching Deny wins
order allow,deny
ErrorDocument 404 /404error.php
ErrorDocument 403 /403error.php
ErrorDocument 401 /401error.php
allow from all

# Apache has no end-of-line comments, so each note sits on its own line
# 2010-11-22 - email harvester subnet
deny from 38.100.41
# 2011-03-11 - spam harvester
deny from 46.4.240.7
# 2011-04-20 - attempted to hack site
deny from 46.4.145.242
# 2011-09-27 - comment spammer
deny from 46.21.144.176
# 2011-09-27 - possible hacker
deny from 69.27.110.130

 

Thank you 

 

Sogo7
Grand Master

Personally I think you're being too nice to the miscreants, anyhow here's some code that should sort you out or at least point you in a better direction.

 

It's not a block you need but an htaccess redirect, though the same result could be achieved with server side php/asp code included in all sensitive pages. Checking the referer / userAgent string signature may also be useful.

 

 

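# permanently redirect IP ranges request for entire site
Options +FollowSymlinks
RewriteEngine on
# Match on the client address, anchored so that 22.22.22. cannot also match 122.22.221.x
# Every condition except the last carries [OR]
RewriteCond %{REMOTE_ADDR} ^22\.22\.22\. [OR]
RewriteCond %{REMOTE_ADDR} ^68\.33\.44\.
# With a status outside 300-399 the target URL is dropped and Apache just returns that status
RewriteRule ^.*$ http://www.destinationwebsite.com/ [R=403,L]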

 

Alternatively change the last line to something like this...

# send em to a hellish website of your choice
RewriteRule ^.*$ http://www.hellish-website.com [R,L]

 

Or, to send em to a virtual blackhole of fake email addresses:

# send em to a virtual blackhole of fake email addresses
RewriteRule ^.*$ http://english-61925045732.spampoison.com [R,L]

Lovelogic.net UK Jobs Scanner

Rank_Outsider
Power User

Thank you again Sogo7.  Sorry to take so long to reply to your last post.

 

I agree with you that my first instinct is to redirect these IP addresses somewhere unpleasant or somewhere that might poison spammers' databases with fake email addresses, however I don't want to risk sending the small number of genuine users that may be unfairly excluded (the one we know about is a Vice President for a company we work with!).

 

Therefore I like the idea of the base64 encoding the best, although will keep your other suggestions in mind.

 

I am thinking of dispensing with a manually compiled .htaccess file anyway and using Http:BL to reject IP addresses based on their score in Project Honey Pot's database.  It takes up too much of my time and is a reactive rather than proactive approach.

 

Regards,

Rank_Outsider