Results 1 to 3 of 3

Thread: WordPress Incorrect HTTP Reponse When Page Not Found

  1. #1
    vectro's Avatar
    vectro is offline I Like Stuff
    Join Date
    Dec 2008
    Location
    U.S.A.
    Posts
    633
    Thanks
    192
    Thanked 104 Times in 82 Posts

    WordPress Incorrect HTTP Reponse When Page Not Found

    One WordPress site on one of my servers is giving an incorrect HTTP response code when a page can not be found. On the end-user side, the user sees a custom 404 page. But on the web-server side Apache is giving a 200 or 300 response (not sure which one) instead of a 404 response. Other WP sites on the same server give the correct response code.

    This error was discovered by McAffee SiteAdvisor:

    It appears that the Web site freewomensblogs.com (or www.freewomensblogs.com) is returning an HTTP 2xx or 3xx status response code in the header of 404 pages.

    We cannot verify a Web site that is configured this way because it allows anyone to verify themselves as the owner of your site. Please update your Web site server configuration to return 404 status codes in the headers for pages that do not exist. Once your site is configured this way then you can return and request a file name verification.
    Please help.

    This is the .htaccess file which is currently in use on the site:

    Code:
    RewriteEngine On
    RewriteBase /
    
    #uploaded files
    RewriteRule ^(.*/)?files/$ index.php [L]
    RewriteRule ^(.*/)?files/(.*) wp-content/blogs.php?file=$2 [L]
    
    # add a trailing slash to /wp-admin
    RewriteCond %{REQUEST_URI} ^.*/wp-admin$
    RewriteRule ^(.+)$ /$1/ [R=301,L]
    
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule . - [L]
    RewriteRule  ^([_0-9a-zA-Z-]+/)?(wp-.*) $2 [L]
    RewriteRule  ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
    RewriteRule . index.php [L]
    
    <IfModule mod_security.c>
    <Files async-upload.php>
    SecFilterEngine Off
    SecFilterScanPOST Off
    </Files>
    
    RewriteCond %{HTTP_HOST} ^freewomensblogs.info$ [OR]
    RewriteCond %{HTTP_HOST} ^www.freewomensblogs.info$
    RewriteRule ^(.*)$ "http\:\/\/freewomensblogs\.com\/" [R=301,L]
    
    
    RewriteCond %{HTTP_REFERER} !^http://(.+\.)?freewomensblogs\.com/ [NC]
    RewriteCond %{HTTP_REFERER} !^$
    RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpe [L]
    
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    
    # END WordPress

  2. #2
    TopDogger's Avatar
    TopDogger is offline Über Hund
    Join Date
    Jan 2009
    Location
    Hellfire, AZ
    Posts
    3,107
    Thanks
    350
    Thanked 919 Times in 703 Posts
    The problem might be with McAffee. I just checked a couple of pages with a header checker and WordPress is generating a proper status code 404.

    http://web-sniffer.net/


    Is there a specific page that McAffee says is generating the wrong status code? There could be a conflict with certain pages.

    It looks like there may be both old and new WordPress code in the .htaccess, plus a 301 redirect that is no longer necessary. WordPress generates its own 301 and 404 status codes for most pages.

    It also looks like there is a missing closing conditional tag for checking to see if mod_security is active. I'm not sure why that is in there.

    You no longer need the code to add the training slash to wp-admin

    Let's try stripping it down a bit. Try replacing the .htaccess with this and see what happens. Keep a copy of the old .htaccess just in case something else doesn't work correctly.
    Code:
    RewriteEngine On
    RewriteBase /
    
    #uploaded files
    RewriteRule ^(.*/)?files/$ index.php [L]
    RewriteRule ^(.*/)?files/(.*) wp-content/blogs.php?file=$2 [L]
    
    <IfModule mod_security.c>
    <Files async-upload.php>
    SecFilterEngine Off
    SecFilterScanPOST Off
    </Files>
    </IfModule>
    
    
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  3. Thanked by:

    vectro (25 July, 2011)

  4. #3
    vectro's Avatar
    vectro is offline I Like Stuff
    Join Date
    Dec 2008
    Location
    U.S.A.
    Posts
    633
    Thanks
    192
    Thanked 104 Times in 82 Posts
    The problem turned out to be the 301 redirect from freewomensblogs.info to freewomensblogs.com

    Code:
    RewriteCond %{HTTP_HOST} ^freewomensblogs.info$ [OR]
    RewriteCond %{HTTP_HOST} ^www.freewomensblogs.info$
    RewriteRule ^(.*)$ "http\:\/\/freewomensblogs\.com\/" [R=301,L]
    Removing that fixed it so 404 pages show a true 404 response code.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •