How To Set-up Custom Error Pages in WordPress

I’ve talked previously about How To Protect Your WordPress Site With Some Simple Tweaks To The .htaccess.  In today’s guide, we are going to go one step further and set-up some custom error pages to stop your website from showing sensitive data that a hacker could use to exploit your website.

If you followed the advice in my previous article and enabled directory browsing, for example when you type ‘www.yourdomain.com/wp-content/uploads/’ you should see this error:

wordpress_403_error

This one tells users that a file exists and in some circumstances you may return a default error page that contains information about your webroots file path.  Instead, it’s a lot more secure to only show a blank screen. This can be done quite simply.  First create a file called error.html and use this:

<html>
<head>
</head>
<body>
Nope
</body>
</html>

In your .htaccess file you then need to add this snippet:

ErrorDocument 403 /error.html

Obviously, you can change 403 to any error status you want.  When you now visit ‘www.yourdomain.com/wp-content/uploads/’ you will see this:

wordpress_403_redirect

Conclusion

In today’s guide, we’ve covered how to set-up a custom error page for our newly protected WordPress site.  By using the Redirect command, the error code status and the file we want to redirect to, we can hide potential insecure data being exposed to hackers.

Jon D Jones

Software Architect, Programmer and Technologist Jon Jones is founder and CEO of London-based tech firm Digital Prompt. He has been working in the field for nearly a decade, specializing in new technologies and technical solution research in the web business. A passionate blogger by heart , speaker & consultant from England.. always on the hunt for the next challenge

More Posts

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *