Is there a way to force apache to return 404 instead of 403?

RedirectMatch as in e.g.

RedirectMatch 404 /\.

does the trick, it prohibits access to all files or directories starting with a dot, giving a “404 Not Found” error.

From the Apache manual: “The Redirect[Match] directive maps an old URL into a new one by asking the client to refetch the resource at the new location.” By default, Redirect sends a 302 return code, but it can also return other status codes as shown above.

Related Contents:

  1. If you use HTTPS will your URL params will be safe from sniffing? [duplicate]
  2. Tips for debugging .htaccess rewrite rules
  3. What is the best way to implement “remember me” for a website? [closed]
  4. How to redirect all HTTP requests to HTTPS
  5. Error message “Forbidden You don’t have permission to access / on this server” [closed]
  6. Difference between Hashing a Password and Encrypting it
  7. How to debug Apache mod_rewrite
  8. htaccess remove index.php from url
  9. JWT (JSON Web Token) automatic prolongation of expiration
  10. How do I create a self-signed certificate for code signing on Windows?
  11. What is token-based authentication?
  12. XMLHttpRequest cannot load file. Cross origin requests are only supported for HTTP
  13. The necessity of hiding the salt for a hash
  14. Will web browsers cache content over https
  15. Is it possible to reverse a SHA-1?
  16. Pretty URLs with .htaccess
  17. Is it safe to enable CORS to * for a public and readonly webservice?
  18. How to debug .htaccess RewriteRule not working
  19. Where do you store your salt strings?
  20. How to force https on elastic beanstalk?
  21. Password hashing, salt and storage of hashed values
  22. How can I match query string variables with mod_rewrite?
  23. Yii2 htaccess – How to hide frontend/web and backend/web COMPLETELY
  24. SPA best practices for authentication and session management
  25. Why is using a Non-Random IV with CBC Mode a vulnerability?
  26. What algorithm should I use to hash passwords into my database? [duplicate]
  27. Differences Between Rijndael and AES
  28. How are software license keys generated?
  29. What is happening when I have two CSP (Content Security Policies) policies – header & meta?
  30. How to redirect URLs based on query string?
  31. 301 Redirect to replace all spaces to hyphens
  32. How do I store and retrieve credentials from the Windows Vault credential manager?
  33. Why not use MD5 for password hashing?
  34. WAMP 403 Forbidden message on Windows 7
  35. Are Google Cloud Functions protected from DDoS attacks?
  36. CSS, JS and images do not display with pretty url
  37. Docker and securing passwords
  38. OAuth2 and Google API: access token expiration time?
  39. Send mail via Gmail with PowerShell V2’s Send-MailMessage
  40. IIS7, web.config to allow only static file handler in directory /uploads of website
  41. How will a server become vulnerable with chmod 777?
  42. Mod_Rewrite unexpected behavior L flag
  43. Secure Google Cloud Functions http trigger with auth
  44. What is a retpoline and how does it work?
  45. Is it worth encrypting email addresses in the database?
  46. Apache rewrite based on subdomain
  47. apache HTTP:X-Forwarded-Proto in .htaccess is causing redirect loop in dev environment
  48. rewrite rules for apache 2 to use with angular js
  49. Difference between CSRF and X-CSRF-Token
  50. htaccess redirect index.php to root (including subdomains)

Leave a Comment