DOfficial
Reputation: 465
Magento Nginx 403 as 404 rewrite to controller 404
So I am trying to protect sensitive information in Magento and I want 404 to be returned as HTTP status code instead of 403 for restricted pages so that potential threats are not aware that the directory they are accessing even exists.
location ^~ /supersecretdirectory/ {
return 404;
}
However what I get is the default Nginx 404. Is there a way to force Nginx use Magento's 404 page?
Upvotes: 0
Views: 249
Answers (1)
DOfficial
Reputation: 465
By Defining CMS No Route Page in Magento admin you can internally rewrite nginx 404 to magento 404 by
# retun 404 for sensitive directory
location ^~ /supersecretdirectory/ {
return 404;
}
# route nginx 404 to Magento 404
error_page 404 /your-CMS-no-route.html;
location = /your-CMS-no-route.html {
root /path/to/root;
internal;
}
Upvotes: 1
Related Questions
- nginx location 404 not found
- Node.js + Nginx - What now?
- Nginx -- static file serving confusion with root & alias
- nginx backend returns 404, when using intercept directive it returns 403
- How nginx process =404 fallback in try_files
- Nginx custom error page and geoip block.
- Access denied: 403 or 404?
- Setup Wordpress with Magento using Ngix shows 404 Error
- 404 vs 403 when directory index is missing
- Magento returns 404 error on all browsers except Firefox