导航首页 » 文章首页 » 站长技术 » cPanel自定义401错误页面“未显示""不生效"

cPanel自定义401错误页面“未显示""不生效"

2022-11-10 1051 站长技术


问题描述

我的问题:

由于某种原因,我的自定义401错误页面未在登录时显示,而仅显示通用401错误页面:

For some reason my custom 401 error page is not displaying on login and is just displaying the generic 401 error page:

UnauthorizedThis server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.Additionally, a 401 Unauthorized error was encountered while trying to use an ErrorDocument to handle the request.

现在说这是我的自定义404错误页面,而其他页面则显示的很好,只是不显示401.(自定义错误页面)文件在我的public_html目录中.

Now in saying this my custom 404 error page and others are displaying just fine, just not for the 401. The "error.php" (custom error page) file is in my public_html directory.

我当前在public_html目录中的.htaccess文件:

ErrorDocument 400 /error.phpErrorDocument 401 /error.phpErrorDocument 402 /error.phpErrorDocument 403 /error.phpErrorDocument 404 /error.phpErrorDocument 500 /error.phpErrorDocument 501 /error.phpErrorDocument 502 /error.phpErrorDocument 503 /error.phpErrorDocument 504 /error.phpErrorDocument 505 /error.phpErrorDocument 506 /error.phpErrorDocument 507 /error.phpErrorDocument 510 /error.phpRewriteEngine OnDirectoryIndex .index.php .style.css .sorttableRewriteRule .*\.(jpg|jpeg|gif|png|bmp|zip|rar)$ - [F,NC]# php -- BEGIN cPanel-generated handler, do not edit# Set the "ea-php73" package as the default "PHP" programming language.  AddHandler application/x-httpd-ea-php73 .php .php7 .phtml# php -- END cPanel-generated handler, do not edit#----------------------------------------------------------------cp:ppd# Section managed by cPanel: Password Protected Directories     -cp:ppd# - Do not edit this section of the htaccess file!              -cp:ppd#----------------------------------------------------------------cp:ppdAuthType BasicAuthName "Protected 'public_html'"AuthUserFile "/home/dark/.htpasswds/public_html/passwd"Require valid-user#----------------------------------------------------------------cp:ppd# End section managed by cPanel: Password Protected Directories -cp:ppd#----------------------------------------------------------------cp:ppd

现在,如.htaccess中所示,我的目录已受密码保护.我尝试了以下修复程序,但仍然无法显示自定义401错误页面:

Now my directories are password protected as you can see in the .htaccess. I tried the following fixes but still no luck on displaying the custom 401 error page:

  1. 在其他目录中创建错误页面.
  2. 在.htaccess文件中指定错误页面的完整网址.
  3. 关闭目录密码功能.
  4. 将错误文件扩展名更改为.shtml.
  5. 在stackoverflow网站上尝试了许多其他代码和问题.

现在回顾一下,所有其他自定义错误页面都显示正常,只是登录时没有显示401,而我很困惑.

Now to recap, all other custom error pages are displaying fine, just not the 401 on login and i'm stumped.

我的cPanel服务器信息:

My cPanel Sever Information:

Hosting Package GoldServer Name servercPanel Version  88.0 (build 14)Apache Version  2.4.46PHP Version 7.3.21MySQL Version   10.3.24-MariaDB-cll-lveArchitecture    x86_64Operating System    linuxShared IP Address   45.95Local IP Address    192.168Path to Sendmail    /usr/sbin/sendmailPath to Perl    /usr/bin/perlPerl Version    5.16.3Kernel Version  3.10.0-962.3.2.lve1.5.32.el7.x86_64

谢谢!

推荐答案

要提供401 ErrorDocument,需要对其进行访问.如果一切在HTTP身份验证之后被阻止,则在身份验证失败时将无法访问它,并且您会在默认服务器401响应中获得其他内容:

For the 401 ErrorDocument to be served, it needs to be accessible. If everything is blocked behind HTTP authentication then it's not going to be accessible when authentication fails and you get the additional part in the default server 401 response:

此外,尝试使用ErrorDocument处理请求.

Additionally, a 401 Unauthorized error was encountered while trying to use an ErrorDocument to handle the request.

您需要打孔"在您的身份验证中,并允许公众访问此文档.

You need to "punch a hole" in your authentication and allow public access to this document.

例如:


    Require all granted

  1. 在其他目录中创建错误页面.

这应该行得通,提供不同目录"也不受HTTP身份验证的保护.例如,子目录将无济于事.

That should have worked, providing the "different directory" was not also protected by HTTP authentication. For instance, a subdirectory would not help.

  1. 在.htaccess文件中指定错误页面的完整网址.

那将触发外部302重定向,并失去401响应.这是不允许的.如 Apache文档所述:

That would trigger an external 302 redirect and lose the 401 response. This is not permitted. As noted in the Apache docs:

如果您使用 ErrorDocument 401 指令,则它必须引用本地文档.

if you use an ErrorDocument 401 directive, then it must refer to a local document.

  1. 关闭目录密码功能.

如果您关闭了目录密码功能",那么没有什么东西可以触发401,因此您的错误文档将可以访问,但是如何触发/测试401错误文档呢?这似乎有点鸡/蛋.

If you turned "off the directory password function" then there's nothing to trigger the 401 so your error document would be accessible, but then how are your triggering/testing your 401 error document? This seems a bit chicken/egg.

  1. 将错误文件扩展名更改为.shtml.

更改文件的类型在这里没有什么区别.

Changing the type of file would make no difference here.

RewriteRule .*\.(jpg|jpeg|gif|png|bmp|zip|rar)$ - [F,NC]

为澄清起见,您是否没有在任何页面上提供任何图像?包含这些文件扩展名之一的任何请求都将触发"403禁止访问".

To clarify, you're not serving any images on any pages? Any request that contains one of these file extensions will trigger a 403 Forbidden.

更新:如果您的错误文档使用了其他资源,那么将它们全部包含在自己的子目录(例如/errordocs )中会比较容易-您然后可以允许公众访问此子目录,而不必标识每个文件.

UPDATE: If your error documents use additional resources then it would be easier for these all to be self contained in their own subdirectory (eg. /errordocs) - you can then just permit public access to this subdirectory without having to identify every file.

然后,您只需一个衬里即可在/errordocs 子目录中创建一个附加的 .htaccess 文件:

You then create an additional .htaccess file in the /errordocs subdirectory with just a one liner:

Require all granted

这篇关于cPanel自定义401错误页面“未显示";的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!


上一篇
342

早起,能解决80%的人生难题