Show customized error page for forbidden request

Question

I am trying to validate the following URL's

But this was showing as 403 forbidden of default server error instead of customized error page

My .htaccess file configuration is

ErrorDocument 404 /404.php
ErrorDocument 403 /403.php

For Example,

For this URL we got the customized error page https://stackoverflow.com/welcome

But If we execute this URL we got the default error page of server

How to solve this issue?

Thanks in advance

Google detects well https://www.google.co.in/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd — Sundar, Aug 30 '16 at 13:59
facebook handles well https://www.facebook.com/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd — Sundar, Aug 30 '16 at 15:36
Your web server is different and FB is different. [see this Q&A](http://stackoverflow.com/questions/9206835/2f-in-url-breaks-and-does-not-reference-to-the-php-file-required) — anubhava, Aug 30 '16 at 15:57

score 1 · Accepted Answer · answered Sep 24 '16 at 02:14

1

You can add to your httpd.conf

AllowEncodedSlashes On

And restart apache.

After that apache should treat your url as valid. ( so 404 page should be shown )

answered Sep 24 '16 at 02:14

Pawel Dubiel

1 Answers1