user-access-manager icon indicating copy to clipboard operation
user-access-manager copied to clipboard
verified publisher icon GM-Alex

403 instead of 404

Open dhunink opened this issue 8 years ago • 2 comments

Hi,

I am trying out some different combinations of settings for the plugin. When the most simple version, Hide complete, is used, the user will receive a 404 error on trying to visit a page for which the user does not have access rights. Wouldn’t it make sense to throw a 403 (forbidden) error (or let users select wether to throw a 404 or 403 error)? Technically 404 is incorrect; the page does exists.

In my case that would be very very helpful, so I could style my 403 and 404 error pages differently, which is in my opinion more user-friendly.

dhunink avatar Oct 12 '17 19:10 dhunink

If you choose hide content completely and we show a 403 error you could guess the content. Some users are companies using the plugin for sensitive data and even knowing that an article is there could be a problem. Making an option for the handling of hidden pages could be a solution but I'm also filtering hidden contents from at the queries so I'm not sure if I'm able to deliver a 403. If yes I will add an option for that otherwise I will not change the current behavior.

GM-Alex avatar Oct 20 '17 06:10 GM-Alex

Hi,

I get a 404 message even though I set the Hide Complete option to no. Is it possible that has led to an update to this behavior? Because it has already worked that the user has received a message that he is not authorized to view the content. is there a way to manually adjust the 404 message. My 404 redirections of Wordpress do not work with the UAM plugin.

I would be very happy about a short answer.

Best regards

limpbiz avatar Jan 05 '18 07:01 limpbiz