I followed "jj's" advice, except for one problem. Since the user is blocked, the system cannot access the Error Document for display. This results in >>

Forbidden
You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.


Do I have to "block" specific directories instead of "/" & place the error documents in a non-blocked directory??

My .htaccess file is>>>

ErrorDocument 403 /htdocs/error403.html

<Limit GET>
order deny,allow
deny from 152.163. 205.188. 167.7. 64.12. 24.158.64.230

Options -Indexes

</Limit>

Again, thanks in advance for any help...

You will probably have to place the error documents in an unblocked directory. You could try something like blocking only your htdocs directory, then placing the error documents in your cgi-bin, and make the necessary change to your htaccess file, like this:

ErrorDocument 403 /cgi-bin/error403.html


Try that, and if it doesn't work, maybe somebody else here has a better idea.

How do you block a directory only???

put the .htaccess in the directory you wish to block.

If you block htdocs this does every directory in it as well.

For a custom error page, you need to put the .htaccess file in your htdocs folder. Then include this:

ErrorDocument 403 http://www.yoursite.com/error.html

Put your whole address in...not just the server folder.

Good Luck

Yes, but what he's trying to say (I think) is that if the whole htdocs directory is blocked, and the error document is in the htdocs folder, won't it be blocked as well?

Maybe if you use the same .htaccess (which you would)...but the error code before the password script. Then they would hit the error first.

You have to put the ErrorDocument in the htdocs folder...you can't go above that level for this.

According to larryb's first post, his ErrorDocument line is at the top of his htaccess. And yes, you can't put anything in the very top folder, so I was wondering if it would work to put the error document in the cgi-bin. Then use:
ErrorDocument 403 http://www.yoursite.com/cgi-bin/error.html

This should work, shouldn't it? (Assuming the cgi-bin is not blocked as well.)

- Jeff

I couldn't get it working with the cgi-bin. I tried putting a .html file in and chmod it to 777...and nothing. Maybe I'm missing something??

I wouldn't protect your whole htdoc folder...whats the point in having the site. You can protect all the folders beneath that...just leave the main htdocs open. Its up to what you want to do.

Good Luck

Ok, well if that doesn't work I would have to agree... just don't block your whole htdocs -- only subdirectories.

If you use more than one function in your .htaccess file, Try them in this order.

Redirects

Rewrite Section
Index Disabling
Sub Domains
Anti-Leech

Custom Error Pages

What do you mean by "Index Disabling", something like "Options -Indexes" ?

Yes

I tried the sub-directory route & it worked great!! I need to get my website organized into different directories anyway.

The forums are great...

Larry