I'm using a custom error handing system.
Example .htaccess
file command:
ErrorDocument 404 /error-deal.php?code=404
The error-deal.php
file is present and processes $_GET variables as it should if I enter the URL directly.
Pages with file extensions don't trigger the .htaccess
redirect to the error page:
https://example.com/does-not-exist.php
And yet URLs without the extension do...
https://example.com/does-not-exist
What am I missing here?
Other rewrite rules are:
#force https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]
#redirect all www to non www
RewriteCond %{HTTP_HOST} ^www.donbur.co.uk$
RewriteRule (.*) https://donbur.co.uk/$1 [R=301,L]
#URL re-writes for dynamic pages
#to handle all news requests
RewriteRule ^news/([^/]*)$ /gb-en/news/article.php?title=$1 [L]
#to handle all feature requests
RewriteRule ^features/([^/]*)$ /gb-en/features/feature.php?title=$1 [L]
CodePudding user response:
Pages with file extensions don't trigger the htaccess redirect to the error page:
As mentioned in comments, this would seem to only affect URLs that have a .php
extension. This might be due to the way PHP is implemented on your server. For instance, if all *.php
requests are proxied to an alternative backend process then this is going to bypass your .htaccess
file on the application server.
Unfortunately, since this would appear to be a shared server, you may not have any control over this.
However, there are a couple of things you could try. Although this is hampered by the fact you appear to be using URLs that end in .php
throughout your site.
Try resetting the default error document before setting your custom error document. The ErrorDocument
should override a previous setting, however, sometimes when this is defined in the server config, it doesn't. For example:
ErrorDocument 404 default
ErrorDocument 404 /error-deal.php?code=404
If it wasn't for the fact you are using .php
URLs on your site (although, confusingly, you seem to have a mixture of .php
and extensionless URLs throughout your site?) then you could potentially force all .php
requests to a 404 using mod_rewrite (although this still may not override the default error response).
You could try the following after your canonical redirects (HTTP to HTTPS and www to non-www):
# Force a 404 for ".php" requests that don't exist
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.php$ - [R=404]
If you didn't have any .php
URLs then you could remove the preceding RewriteCond
directive.
Aside: You should make sure the /error-deal.php
document itself isn't directly accessible. This currently returns a 200 OK status for non-errors and there doesn't seem to be anything (robots meta tag, response header, robots.txt
) that prevents search engines from crawling/indexing this page(s).