Looking at the 403 forbidden custom error page
If you decide to use allow
and deny
directives to allow or deny access, respectively, to a resource on your server, clients who are being denied access will usually fall back on a 403 Forbidden
error page. Imagine you have carefully set up a custom, user-friendly 403 error page for your clients to understand why they are denied access. Unfortunately, you cannot get that custom page to work, and clients still get the default NGINX 403 error page:
server { [...] allow 192.168.0.0/16; deny all; error_page 403 /error403.html; }
The problem is simple: NGINX also denies access to your custom 403 error page! In such a case, you need to override the access rules in a location
block specifically matching your page. You can use the following code to allow access to your custom 403 error page only:
server { [...] location / { error_page 403 /error403.html; allow 192.168.0.0/16; deny all; } location = /error403.html { allow all; } }
If you are going to have more than just one error page, you could specify a location
block matching all error page filenames:
server { [...] location / { error_page 403 /error403.html; error_page 404 /error404.html; allow 192.168.0.0/16; deny all; } location ~ "^/error[0-9]{3}.html$" { allow all; } }
All your visitors are now allowed to view your custom error pages.