When a web server returns 403 Access Forbidden status code, it indicates that the requested URL is correct but the user does not have the permission to access it. This can open up your website to security vulnerabilities and malicious attacks. So it is advisable to redirect 403 status code to 404 response on your website. Here are the steps to redirect 403 to 404 in Apache web server. When your website returns 404 response code, instead of 403 then the users will not be able to figure out if it is a valid URL or not.
How to Redirect 403 to 404 in Apache
Here are the steps to redirect 403 to 404 in Apache.
1. Create 404 page
Open terminal and run the following command to create a page (say 404.html) that will be returned as a 404 response. If you have already created for responding to 404 status codes, then you can skip this step.
$ sudo vi /var/www/html/404.html
Save and exit this file.
Please note, this page needs to be created at DocumentRoot that is /var/www/html
Also read : How to Install Pip in Ubuntu
2. Redirect 403 response to 404
We will use ErrorDocument directive to return 404.html page when server returns 403 response. Add these lines to your Apache server configuration file (at /etc/httpd/apache.conf) or .htaccess file (at /var/www/html/.htaccess).
ErrorDocument 403 /404.html ErrorDocument 404 /404.html
The above two lines tell Apache to return 404.html file whenever there is a 403 or 404 response.
Also read : How to Enable Gzip in NGINX
3. Restart Apache Server
Restart Apache web server to apply changes.
$ sudo service apache2 restart
Also read : How to Redirect Subfolder to Root in Apache
That’s it. Now Apache web server will return 404 file we created above, when there is a 403 status code response. If you also use NGINX server, you may be interested in reading how to redirect 403 to 404 in NGINX.