You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Patrick Campbell <PC...@ourvacationstore.com> on 2004/12/06 18:06:41 UTC
[users@httpd] Custom 500 error message apache/tomcat
Working in a test environment here, when we restart Tomcat I want to throw
up a different set of error messages than when there is actually a problem,
so that our QA people know when we're restarting Tomcat (e.g. when we put up
new Jar files) as opposed to there being a real problem.
My solution was to temporarily write a .htaccess file into the root httpd
directory (I put AllowOverride FileInfo on all <directory> directives in
httpd.conf, and there are no .htaccess files in subdirs to override the one
in the root httpd directory), then the idea is to remove the .htaccess file
after Tomcat is up and running again so we get the "real" error docs.
Here's what my .htaccess file looks like.
ErrorDocument 400 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 401 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 403 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 404 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 405 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 408 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 410 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 411 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 412 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 413 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 414 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 415 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 500 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 501 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 502 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 503 "Restarting Tomcat - Please retry in 30 seconds
ErrorDocument 506 "Restarting Tomcat - Please retry in 30 seconds
For testing, I go to http://our.test.environment.com/non-existant-file I get
the 404 error , but while restarting Tomcat, the users get the "real" 500
error as defined in Apache (the one we want them to see when there is a TRUE
500 error). Why might this be not pulling my 500 error from the .htaccess
file? Is there something perhaps in Tomcat that defines error files vs.
Apache's error files?
Is there a better solution to my problem than with .htaccess files?
Patrick Campbell
OurVacationStore.com
Website Administrator
pcampbell@ourvacationstore.com
-----Original Message-----
From: O-One [mailto:ola_one@yahoo.com]
Sent: Monday, December 06, 2004 9:52 AM
To: users@httpd.apache.org
Subject: RE: [users@httpd] httpd.conf file help...
Sorry about the text please.
I am running
Windows Server Enterprise 2003
Apache 2.0.52
PHP 4.3.9
Thanks
--- Boyle Owen <Ow...@swx.com> wrote:
> Plain text please...
>
> It is impossible to make any sort of comment on this
> question without
> knowing the apache version and the OS, at the very
> least. For all we
> know, you could've been running apache 1.2 on
> windows 3.1...
>
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message
> may be ignored.
>
>
> -----Original Message-----
> From: O-One [mailto:ola_one@yahoo.com]
> Sent: Montag, 6. Dezember 2004 14:15
> To: users@httpd.apache.org
> Subject: [users@httpd] httpd.conf file help...
>
>
> Hello all,
>
> I have created 2 websites that ran on Apache and 3
> to 6 months later, I
> have lost both. I am now wondering if the compromise
> is not coming from
> my configuration.
>
> I need to know if Apache default installation is
> safe enough, and if
> not, what I need to tweak to make it safe.
>
> All I want is for people to browse my site. I have
> also used weblogs and
> I create Forum within my weblog and also allow
> download. What I do
> within the weblog, have there own security tools,
> but I need to know
> what directive I can use in httpd.conf file that
> will not allow anyone
> to just take over my site or files. Am I thinking
> right or just
> paranoid.
>
> Like I said, one of my sites ran for almost 9 months
> before crashing
> while the other was only on for 2 moths. I am
> begining to wonder that it
> is the security aspect of Apache that I am not
> getting right.
>
> Any help will be appreciated.
>
> Thanks
>
>
> Do you Yahoo!?
> Yahoo! Mail - Helps protect you from nasty viruses.
>
> Diese E-mail ist eine private und persönliche
> Kommunikation. Sie hat
> keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der
> SWX Gruppe. This
> e-mail is of a private and personal nature. It is
> not related to the
> exchange or business activities of the SWX Group. Le
> présent e-mail est
> un message privé et personnel, sans rapport avec
> l'activité boursière du
> Groupe SWX.
>
> This message is for the named person's use only. It
> may contain
> confidential, proprietary or legally privileged
> information. No
> confidentiality or privilege is waived or lost by
> any mistransmission.
> If you receive this message in error, please notify
> the sender urgently
> and then immediately delete the message and any
> copies of it from your
> system. Please also immediately destroy any
> hardcopies of the message.
> You must not, directly or indirectly, use, disclose, distribute,
> print, or copy any part of this message if you are not the
> intended recipient.
> The sender's company reserves the right to monitor
> all e-mail
> communications through their networks. Any views
> expressed in this
> message are those of the individual sender, except
> where the message
> states otherwise and the sender is authorised to
> state them to be the
> views of the sender's company.
>
>
>
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
>
__________________________________
Do you Yahoo!?
All your favorites on one personal page - Try My Yahoo! http://my.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Custom 500 error message apache/tomcat
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
you could use a cgi as errordoc which can test what the exact
error-condition is.
----- Original Message -----
From: "Patrick Campbell" <PC...@ourvacationstore.com>
To: <us...@httpd.apache.org>
Sent: Monday, December 06, 2004 6:06 PM
Subject: [users@httpd] Custom 500 error message apache/tomcat
> Working in a test environment here, when we restart Tomcat I want to throw
> up a different set of error messages than when there is actually a
> problem,
> so that our QA people know when we're restarting Tomcat (e.g. when we put
> up
> new Jar files) as opposed to there being a real problem.
>
> My solution was to temporarily write a .htaccess file into the root httpd
> directory (I put AllowOverride FileInfo on all <directory> directives in
> httpd.conf, and there are no .htaccess files in subdirs to override the
> one
> in the root httpd directory), then the idea is to remove the .htaccess
> file
> after Tomcat is up and running again so we get the "real" error docs.
>
> Here's what my .htaccess file looks like.
>
> ErrorDocument 400 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 401 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 403 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 404 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 405 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 408 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 410 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 411 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 412 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 413 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 414 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 415 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 500 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 501 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 502 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 503 "Restarting Tomcat - Please retry in 30 seconds
> ErrorDocument 506 "Restarting Tomcat - Please retry in 30 seconds
>
> For testing, I go to http://our.test.environment.com/non-existant-file I
> get
> the 404 error , but while restarting Tomcat, the users get the "real" 500
> error as defined in Apache (the one we want them to see when there is a
> TRUE
> 500 error). Why might this be not pulling my 500 error from the .htaccess
> file? Is there something perhaps in Tomcat that defines error files vs.
> Apache's error files?
>
> Is there a better solution to my problem than with .htaccess files?
>
> Patrick Campbell
> OurVacationStore.com
> Website Administrator
> pcampbell@ourvacationstore.com
>
>
> -----Original Message-----
> From: O-One [mailto:ola_one@yahoo.com]
> Sent: Monday, December 06, 2004 9:52 AM
> To: users@httpd.apache.org
> Subject: RE: [users@httpd] httpd.conf file help...
>
>
> Sorry about the text please.
>
> I am running
>
> Windows Server Enterprise 2003
> Apache 2.0.52
> PHP 4.3.9
>
> Thanks
> --- Boyle Owen <Ow...@swx.com> wrote:
>
>> Plain text please...
>>
>> It is impossible to make any sort of comment on this
>> question without
>> knowing the apache version and the OS, at the very
>> least. For all we
>> know, you could've been running apache 1.2 on
>> windows 3.1...
>>
>> Rgds,
>> Owen Boyle
>> Disclaimer: Any disclaimer attached to this message
>> may be ignored.
>>
>>
>> -----Original Message-----
>> From: O-One [mailto:ola_one@yahoo.com]
>> Sent: Montag, 6. Dezember 2004 14:15
>> To: users@httpd.apache.org
>> Subject: [users@httpd] httpd.conf file help...
>>
>>
>> Hello all,
>>
>> I have created 2 websites that ran on Apache and 3
>> to 6 months later, I
>> have lost both. I am now wondering if the compromise
>> is not coming from
>> my configuration.
>>
>> I need to know if Apache default installation is
>> safe enough, and if
>> not, what I need to tweak to make it safe.
>>
>> All I want is for people to browse my site. I have
>> also used weblogs and
>> I create Forum within my weblog and also allow
>> download. What I do
>> within the weblog, have there own security tools,
>> but I need to know
>> what directive I can use in httpd.conf file that
>> will not allow anyone
>> to just take over my site or files. Am I thinking
>> right or just
>> paranoid.
>>
>> Like I said, one of my sites ran for almost 9 months
>> before crashing
>> while the other was only on for 2 moths. I am
>> begining to wonder that it
>> is the security aspect of Apache that I am not
>> getting right.
>>
>> Any help will be appreciated.
>>
>> Thanks
>>
>>
>> Do you Yahoo!?
>> Yahoo! Mail - Helps protect you from nasty viruses.
>>
>> Diese E-mail ist eine private und persönliche
>> Kommunikation. Sie hat
>> keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der
>> SWX Gruppe. This
>> e-mail is of a private and personal nature. It is
>> not related to the
>> exchange or business activities of the SWX Group. Le
>> présent e-mail est
>> un message privé et personnel, sans rapport avec
>> l'activité boursière du
>> Groupe SWX.
>>
>> This message is for the named person's use only. It
>> may contain
>> confidential, proprietary or legally privileged
>> information. No
>> confidentiality or privilege is waived or lost by
>> any mistransmission.
>> If you receive this message in error, please notify
>> the sender urgently
>> and then immediately delete the message and any
>> copies of it from your
>> system. Please also immediately destroy any
>> hardcopies of the message.
>> You must not, directly or indirectly, use, disclose, distribute,
>> print, or copy any part of this message if you are not the
>> intended recipient.
>> The sender's company reserves the right to monitor
>> all e-mail
>> communications through their networks. Any views
>> expressed in this
>> message are those of the individual sender, except
>> where the message
>> states otherwise and the sender is authorised to
>> state them to be the
>> views of the sender's company.
>>
>>
>>
>>
> ---------------------------------------------------------------------
>> The official User-To-User support forum of the
>> Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for
>> more info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail:
>> users-help@httpd.apache.org
>>
>>
>
>
>
>
> __________________________________
> Do you Yahoo!?
> All your favorites on one personal page - Try My Yahoo!
> http://my.yahoo.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info. To
> unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Custom 500 error message apache/tomcat
Posted by Joshua Slive <js...@gmail.com>.
On Mon, 6 Dec 2004 10:06:41 -0700, Patrick Campbell
<pc...@ourvacationstore.com> wrote:
> Here's what my .htaccess file looks like.
>
> ErrorDocument 500 "Restarting Tomcat - Please retry in 30 seconds
> For testing, I go to http://our.test.environment.com/non-existant-file I get
> the 404 error , but while restarting Tomcat, the users get the "real" 500
> error as defined in Apache (the one we want them to see when there is a TRUE
> 500 error). Why might this be not pulling my 500 error from the .htaccess
> file? Is there something perhaps in Tomcat that defines error files vs.
> Apache's error files?
>
> Is there a better solution to my problem than with .htaccess files?
You will probably need to change httpd.conf and restart (gracefully)
apache. For requests that are handled outside the filesystem, apache
will not necessarily read the .htaccess files.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org