Emulate a 403 error page

I know you can send a header that tells the browser this page is forbidden like:

header('HTTP/1.0 403 Forbidden');

But how can I also display the custom error page that has been created on the server for this type of error?

By default, just sending the header displays a white page, but I remember a while back reading that you can use the customer error page. Does anybody know?

171924 次浏览

Just echo your content after sending the header.

header('HTTP/1.0 403 Forbidden');


echo 'You are forbidden!';

forbidden

Include the custom error page after changing the header.

.htaccess

ErrorDocument 403     /403.html

For this you must first say for the browser that the user receive an error 403. For this you can use this code:

header("HTTP/1.1 403 Forbidden" );

Then, the script send "error, error, error, error, error.......", so you must stop it. You can use

exit;

With this two lines the server send an error and stop the script.

Don't forget : that emulate the error, but you must set it in a .htaccess file, with

ErrorDocument 403 /error403.php

To minimize the duty of the server make it simple:

.htaccess

ErrorDocument 403 "Forbidden"

PHP

header('HTTP/1.0 403 Forbidden');


die(); // or your message: die('Forbidden');

Refresh the page after sending the 403:

<?php
header('HTTP/1.0 403 Forbidden');
?>
<html><head>
<meta http-equiv="refresh" content="0;URL=http://my.error.page">
</head><body></body></html>

I understand you have a scenario with ErrorDocument already defined within your apache conf or .htaccess and want to make those pages appear when manually sending a 4xx status code via php.

Unfortunately this is not possible with common methods because php sends header directly to user's browser (not to Apache web server) whereas ErrorDocument is a display handler for http status generated from Apache.

Use ModRewrite:

RewriteRule ^403.html$ - [F]

Just make sure you create a blank document called "403.html" in your www root or you'll get a 404 error instead of 403.

I have read all the answers here and none of them was complete answer for my situation (which is exactly the same in this question) so here is how I gathered some parts of the suggested answers and come up with the exact solution:

  1. Land on your server's real 403 page. (Go to a forbidden URL on your server, or go to any 403 page you like)
  2. Right-click and select 'view source'. Select all the source and save it to file on your domain like: http://domain.com/403.html
  3. now go to your real forbidden page (or a forbidden situation in some part of your php) example: http://domain.com/members/this_is_forbidden.php
  4. echo this code below before any HTML output or header! (even a whitespace will cause PHP to send HTML/TEXT HTTP Header and it won't work) The code below should be your first line!

        <?php header('HTTP/1.0 403 Forbidden');
    $contents = file_get_contents('/home/your_account/public_html/domain.com/403.html', TRUE);
    exit($contents);
    

Now you have the exact solution. I checked and verified with CPANEL Latest Visitors and it is registered as exact 403 event.

Seen a lot of the answers, but the correct one is to provide the full options for the header function call as per the php manual

void header ( string $string [, bool $replace = true [, int $http_response_code ]] )

If you invoke with

header('HTTP/1.0 403 Forbidden', true, 403);

the normal behavior of HTTP 403 as configured with Apache or any other server would follow.

http_response_code was introduced in PHP 5.4 and made the things a lot easier!

http_response_code(403);
die('Forbidden');