Emulate a 403 error page

I know you can send a header that tells the browser this page is forbidden like:

header('HTTP/1.0 403 Forbidden');

But how can I also display the custom error page that has been created on the server for this type of error?

By default, just sending the header displays a white page, but I remember a while back reading that you can use the customer error page. Does anybody know?

171924 次浏览
小开

Just echo your content after sending the header.

header('HTTP/1.0 403 Forbidden');


echo 'You are forbidden!';

forbidden

小开
最佳答案

Include the custom error page after changing the header.

小开

.htaccess

ErrorDocument 403     /403.html
小开

For this you must first say for the browser that the user receive an error 403. For this you can use this code:

header("HTTP/1.1 403 Forbidden" );

Then, the script send "error, error, error, error, error.......", so you must stop it. You can use 

exit;

With this two lines the server send an error and stop the script.

Don't forget : that emulate the error, but you must set it in a .htaccess file, with 

ErrorDocument 403 /error403.php
小开

To minimize the duty of the server make it simple:

.htaccess

ErrorDocument 403 "Forbidden"

PHP

header('HTTP/1.0 403 Forbidden');


die(); // or your message: die('Forbidden');
小开

Refresh the page after sending the 403:

<?php
header('HTTP/1.0 403 Forbidden');
?>
<html><head>
<meta http-equiv="refresh" content="0;URL=http://my.error.page">
</head><body></body></html>
小开

I understand you have a scenario with ErrorDocument already defined within your apache conf or .htaccess and want to make those pages appear when manually sending a 4xx status code via php.

Unfortunately this is not possible with common methods because php sends header directly to user's browser (not to Apache web server) whereas ErrorDocument is a display handler for http status generated from Apache.

小开

Use ModRewrite:

RewriteRule ^403.html$ - [F]

Just make sure you create a blank document called "403.html" in your www root or you'll get a 404 error instead of 403.

小开

I have read all the answers here and none of them was complete answer for my situation (which is exactly the same in this question) so here is how I gathered some parts of the suggested answers and come up with the exact solution:

  1. Land on your server's real 403 page. (Go to a forbidden URL on your server, or go to any 403 page you like)
  2. Right-click and select 'view source'. Select all the source and save it to file on your domain like: http://domain.com/403.html
  3. now go to your real forbidden page (or a forbidden situation in some part of your php) example: http://domain.com/members/this_is_forbidden.php

  4. echo this code below before any HTML output or header! (even a whitespace will cause PHP to send HTML/TEXT HTTP Header and it won't work) The code below should be your first line!

        <?php header('HTTP/1.0 403 Forbidden');
$contents = file_get_contents('/home/your_account/public_html/domain.com/403.html', TRUE);
exit($contents);

Now you have the exact solution. I checked and verified with CPANEL Latest Visitors and it is registered as exact 403 event.

小开

Seen a lot of the answers, but the correct one is to provide the full options for the header function call as per the php manual

void header ( string $string [, bool $replace = true [, int $http_response_code ]] )

If you invoke with

header('HTTP/1.0 403 Forbidden', true, 403);

the normal behavior of HTTP 403 as configured with Apache or any other server would follow.

小开

http_response_code was introduced in PHP 5.4 and made the things a lot easier!

http_response_code(403);
die('Forbidden');

提交答案