Skip to content
Advertisement

Custom 404 error handler in htaccess not working for non-existent “.php” files

I’m using a custom error handing system.

Example .htaccess file command:

ErrorDocument 404 /error-deal.php?code=404

The error-deal.php file is present and processes $_GET variables as it should if I enter the URL directly.

Pages with file extensions don’t trigger the .htaccess redirect to the error page:

https://example.com/does-not-exist.php

And yet URLs without the extension do…

https://example.com/does-not-exist

What am I missing here?

Other rewrite rules are:

#force https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NC]

#redirect all www to non www
RewriteCond %{HTTP_HOST} ^www.donbur.co.uk$
RewriteRule (.*) https://donbur.co.uk/$1 [R=301,L]

#URL re-writes for dynamic pages
    
#to handle all news requests
RewriteRule ^news/([^/]*)$ /gb-en/news/article.php?title=$1 [L]

#to handle all feature requests
RewriteRule ^features/([^/]*)$ /gb-en/features/feature.php?title=$1 [L]

Advertisement

Answer

Pages with file extensions don’t trigger the htaccess redirect to the error page:

As mentioned in comments, this would seem to only affect URLs that have a .php extension. This might be due to the way PHP is implemented on your server. For instance, if all *.php requests are proxied to an alternative backend process then this is going to bypass your .htaccess file on the application server.

Unfortunately, since this would appear to be a shared server, you may not have any control over this.

However, there are a couple of things you could try. Although this is hampered by the fact you appear to be using URLs that end in .php throughout your site.

Try resetting the default error document before setting your custom error document. The ErrorDocument should override a previous setting, however, sometimes when this is defined in the server config, it doesn’t. For example:

ErrorDocument 404 default
ErrorDocument 404 /error-deal.php?code=404

If it wasn’t for the fact you are using .php URLs on your site (although, confusingly, you seem to have a mixture of .php and extensionless URLs throughout your site?) then you could potentially force all .php requests to a 404 using mod_rewrite (although this still may not override the default error response).

You could try the following after your canonical redirects (HTTP to HTTPS and www to non-www):

# Force a 404 for ".php" requests that don't exist
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .php$ - [R=404]

If you didn’t have any .php URLs then you could remove the preceding RewriteCond directive.


Aside: You should make sure the /error-deal.php document itself isn’t directly accessible. This currently returns a 200 OK status for non-errors and there doesn’t seem to be anything (robots meta tag, response header, robots.txt) that prevents search engines from crawling/indexing this page(s).

User contributions licensed under: CC BY-SA
8 People found this is helpful
Advertisement