-   Linux - Server (
-   -   Apache - I want a timeout for invalid paths (

Apollo77 11-14-2007 02:44 PM

Apache - I want a timeout for invalid paths
I've got Apache set up and running. Everything is fine. However, I want Apache to timeout, rather than returning error 403 (or any other error) if the request is for the root path or any other invalid path.

So ... if this is requested:

then I want Apache to ignore the request (timeout), rather than sending an error message that would confirm apache is running at that location. (there is nothing at the root path).

However, if any other valid path is requested, such as:

then I want apache to respond normally.

I have tried changing ErrorDocument in httpd.conf to some path that does not exist, but Apache still responds with an error message.

Why do I want to do this? I want the server to be invisible unless you know a valid path.

Can this be done?

forrestt 11-14-2007 03:37 PM

What you are asking is possible, although I don't remember the details off the top of my head. I can try to find out, but it still won't make your server invisible. A connection is established to the server before any page request is processed. If the connection is made then you aren't invisible. To prove this, try to telnet to port 80 on your server:

telnet 80
You will see that you are connected and told about the Escape character. If you type, "GET /index.html" you will get your default page (or in your case the error about the 403 and not having the default error page either.

Now, telnet to some unused port:

telnet 81
You should see something like, "telnet: connect to address Connection refused

I'm guessing this is really what you want Apache to do.



Apollo77 11-14-2007 10:03 PM

Ok, I see what you are saying. Obviously, a connection must be established before any page request can happen. So, I guess I'm really wanting to ignore requests that would normally return a 403.

Actually, if I cannot figure out how to do this, I might just go with an empty custom 403 page. Not exactly what I want, but not too bad.


Apollo77 11-15-2007 08:48 AM

This isn't exactly what I wanted, but it will be ok for now.

In httpd.conf, you can specify custom error docs with "ErrorDocument". Or you can simply specify the actual message you want in double quotes. So, I have added this to my httpd.conf:

ErrorDocument 403 " "

It would not accept an empty string (""), so I put one space character between the quotes and that works.

Now instead of the standard 403 message which identifies I am running apache and gives others details of the server, the user gets a blank page. If you view the source, you see nothing (or one space character if you look carefully).

I am still interested if anyone knows a way to do my original timeout plan instead of 403.

All times are GMT -5. The time now is 11:01 PM.