But this simply stops all files in the directory being read.
I can find plenty of information on the web about using .htaccess files for restricting access, but thats not what I want to do.
Can anyone help?
http://javascriptkit.com/howto/htaccess.shtml
And, your error redirects are failing because you are using an FQDN for your redirect path...the location of your error pages need to be relative to your root directory.
So, ErrorDocument 404 http://www.mydomain.co.uk/error.html is utterly incorrect, while
ErrorDocument 404 /error.html would be correct.
Feyd
Thanks for a link to a good source of info.
That said. I tried what you suggested and still got an internal server error. :(
Stick Options Indexes FollowSymLinks Includes at the very top of your htaccess file, depending on certain machine configurations this can either be required (and if so, will result in a 500 error if not present) or not required.
Just to be sure, does your htaccess ever work? What I mean is, are there other commands in there that work until you add an Error redirect, or have you never used your htaccess before and are unsure if it is the content or that you are not allowed to use htaccess at all? Some hosts will not allow custom htaccess, or they will not allow certain htaccess directives...
htaccess definately works I have used it in this folder to restrict access.
Just to show you what I mean. if I add the following htaccess file to a directory:
*******************************
#Access file
order allow,deny
allow from all
require group site8
Authname WebStats
Authtype Basic
AuthAuthoritative off
*******************************
All works well and I am prompted for a password, if its right I am let in.
Now if I add one line to the above so its like below:
*******************************
#Access file
order allow,deny
allow from all
require group site8
Authname WebStats
Authtype Basic
AuthAuthoritative off
ErrorDocument 404 /sorry.html
*******************************
I immediately get a server error without even having the chance to type in a password!
I don't actually want password protection just error trapping. I tried just the last line on its own and that causes a server error also.
That's strange, same...I've had/seen very similar conditions and not had that problem, though I have pretty much always included Options Indexes FollowSymLinks Includes at they very top of all my htaccess files for safety's sake.
Also, a better method would be to have a global htaccess in your root directory handle all your error trapping and not use error redirects in your sub directories at all, instead allowing the global redirects to take effect. Of course, if you are wanting to protect the entire site, that might cause problems. (thus, if you had a password protected page in a sub dir, and one validated false, the global 401 error code and redirect would take precedent, so long as you did not have a 'closer' htaccess than your global, and it did not contain error codes to override the global/root level htaccess)
Technically, your error redirects should be pretty high up in your htaccess, if not the first (second, if you use the code I posted above) lines in the file. Secondly, your http authorization seems a bit off, but I don't know if you've removed lines for your protection.
Secondly, does your host already have custom error pages setup? Often times a host will pre-set them or pre-config them to be a certain naming convention only, and if you try to run your own directive that would override their error pages, you could potentially run into an error like this.
I am using a leased Cobalt RaQ4 with around 10 virtual sites on it. So there isn't a "host" in the conventional sense. I am therefore assuming there is no other custom error messages.
It would be great if I could put a htaccess file in the root directory to cover all virtual sites. But I am not sure this is possible, but just succeeding in one site would be a start.