Comments on: HTTP Status Codes and .htaccess ErrorDocuments

By: Ultimate Htaccess Tutorial for .htaccess files

Ultimate Htaccess Tutorial for .htaccess files — Tue, 29 Sep 2009 12:55:55 +0000

[...] Requires a valid user/pass to access the login page[401] [...]

By: Some buddy...

Some buddy... — Wed, 12 Aug 2009 21:54:32 +0000

The biggest problem with all of the error codes is that they all reply to the request. This is the reason denial of service attacks work so well. Every wasteful request gets the attention of the server and it sends off a reply.

I would love to know why there is no error request that would be sent to /dev/null – ie don’t reply to the ignored request – just send it to the bitbucket and move on to the next request. What the world needs is an error code that totally ignores specified errors, IPs, etc.

By: Dharmmotyar

Dharmmotyar — Mon, 04 May 2009 06:58:08 +0000

What if the http_status_code ==0 ?? please reply me soon

By: Joe Spencer

Joe Spencer — Tue, 13 Jan 2009 10:22:06 +0000

Very useful list, thanks.

By: vi

vi — Thu, 08 Jan 2009 07:54:03 +0000

good article,nifty code, and nice way to simulate the error codes. thanks for all that.
418 is too good to forget

By: AskApache

AskApache — Tue, 09 Dec 2008 01:01:13 +0000

@ Gerald

LOL! Thanks buddy, at first I thought you kidding, as I noted your website to be the venerable wireshark.org, which is probably the greatest computer program ever invented.

I checked it out and sure enough, you were right! I updated this article and my servers errordocuments to reflect this new info. Thanks!

Any attempt to brew coffee with a teapot should result in 
the error code "418 I'm a teapot". The resulting entity body 
MAY be short and stout.
 
7. Security Considerations
 
Anyone who gets in between me and my morning coffee should be
insecure.
 
Unmoderated access to unprotected coffee pots from Internet users
might lead to several kinds of "denial of coffee service" attacks.
The improper use of filtration devices might admit trojan grounds.
Filtration is not a good virus protection method.

Classic!

By: Gerald Combs

Gerald Combs — Mon, 08 Dec 2008 17:42:50 +0000

Return code 418 is defined in RFC 2324:

2.3.2 418 I’m a teapot

Any attempt to brew coffee with a teapot should result in the error
code “418 I’m a teapot”. The resulting entity body MAY be short and
stout.

By: Berkeley

Berkeley — Sun, 23 Nov 2008 02:33:37 +0000

Learn about .htaccess from the place that gave us BSD and one of the greatest schools in the world: Berkeley.edu - how to use .htaccess file

By: AskApache

AskApache — Mon, 11 Aug 2008 21:46:11 +0000

@ abhi

Those are commonly used to maintain that information internally by the servers.

I wrote all about it when explaining you can use the REDIRECT_URL or REDIRECT_STATUS variables to secure direct access to your binary files..

Each new variable will have the prefix REDIRECT_. REDIRECT_ environment variables are created from the CGI environment variables which existed prior to the redirect, they are renamed with a REDIRECT_ prefix, i.e., HTTP_USER_AGENT becomes REDIRECT_HTTP_USER_AGENT. In addition to these new variables, Apache will define REDIRECT_URL and REDIRECT_STATUS to help the script trace its origin. Both the original URL and the URL being redirected to can be logged in the access log.

By: abhi kakade

abhi kakade — Fri, 01 Feb 2008 10:21:18 +0000

This help is very useful.

I have one problem i am not able to get the value of $_SERVER['REDIRECT_URL'] i have that script on subdomain can you tell me what is lines required in .htaccess file to get values of $_SERVER['REDIRECT_URL']?