Site navigation below

Questions answered

Terms explained

Place your text ad here.

World class File Recovery and renowned raid recovery services

WestNIC provides reliable web hosting services

The Apache Web server allows site managers to customise error pages for HTTP errors by number. This error 403 access forbidden, means that a request for a "bare" directory path has been made, no default directory index page is present and the site manager does not want a file listing displayed in its place.

On this page

Plus other Apache custom error page articles.

Apache custom error 403 configuration

This custom error page can be configured with a single line in the .htaccess file for the relevant directory, as shown below. If this instruction is given in the root level document directory, it applies to all subdirectories.

.htaccess 

ErrorDocument 403 /error-docs/403.shtml

The file path must lead with a forward slash relative to the document root for the server or virtual host. In this example, error-docs is a sub-directory of the document root.

The custom error document itself should be a standard formatted HTML document that may use Server Side Includes or any other dynamic processing. Bear in mind, however, that if errors occur in the delivery of such dynamic documents your visitors may witness an even less friendly aspect to your site!

Directory configuration

Note that this directory level configuration option will only work if index listings are actually forbidden in the server's main configuration file, httpd.conf, or the relevant .htaccess file. This in turn relies upon the AllowOverride values in httpd.conf to include Options or All.

httpd.conf 

<Directory /home/~username/webspace>
  Options Indexes Includes FollowSymlinks ExecCGI
  IndexOptions +FancyIndexing
  AllowOverride All
  order allow,deny
  allow from all
</Directory>

.htaccess 

Options -Indexes

Directory permissions

Another way to prevent directory listings is to set the access permissions for a given directory to exclude read access for the "other" user, e.g. 

chmod 771 mydirectory

It is essential to retain execute permissions for the other user on directories to allow access to the files and directories within. The resulting permissions should be drwxrwx--x.

Activate .htaccess settings

To enable .htaccess files to override the server's http.conf settings, the default host must have the AllowOverride FileInfo property set in its Directory directive. Your configuration should look something like this: 

<Directory "C:/apache/httpd/htdocs/manual">
    Options Includes Indexes FollowSymLinks MultiViews
    AllowOverride FileInfo
    Order allow,deny
    Allow from all
</Directory>

Server configuration problem?

If your Web server is issuing HTTP errors, you may find the answer to your problem in the following extract from our extensive FAQ section.

HTTP status 403 questions

  1. How do I fix a 403 error?

Apache custom error configuration

Article feedback

Your comments on this article will be appreciated, please use the form below to submit your views. If you would like a reply or article update notification, include your email address.

Information: Your email address will not be mis-used. If you include your address you may be sent a personal reply, you will not be added to any mailing list unless you request update notification. Read the site privacy statement for details.

Add this page to your chosen social bookmarking service

Style warning - please read

Home · CSS · Java · Javascript · HTML · Help · Log