Last updated 19 April 2016. Created on 14 August 2013.
Edited by junghandy, DaPooch, gisle, 3lackRos3. Log in to edit this page.

The CustomError module lets the site administrator create custom error pages for HTTP status codes 404 (not found), and 403 (access denied), without the need to create nodes for each of them.


Please see the README.txt document included with this module for installation instructions.

See also: Installing contributed modules.

Using custom PHP to give user the option to login

Here is an example of how to add custom PHP to a custom 403 page to give the user the option to login:

global $user;
if ($user->uid == 0) {
  $output = '<p>';
  $output .= t('If your user account has access to this page, please !message.',
    array('!message' =>
      l('log in', 'user'),
  $output .= '</p>';
  print $output;

Remember to tick the box to the left of: "Allow PHP code to be executed for 403".

Note that customerror keeps track of what page the user is trying to access, so after logging in, the user will be redirected to that page.

Custom redirects for 404 errors

It is possible to set up custom redirects for status code 404 (not found).

For example if you had a page called foo and a page called xyz, then you moved them to a page called bar, and abc respectively, you can setup a redirect pair of:

^foo$ bar
^xyz$ abc

The first pair will transparently redirect users trying to access to The second pair will transparently redirect users trying to access to

You can have multiple pairs of redirects. Each must be on a line by itself.

Note that the first argument is a regexp, and the second argument is a path. You have to use one space between them, and enter each pattern on a line by itself. You cannot use variables.

For more flexible URL rewriting, including variables, you may consider using an external URL rewrite engine, such as Apache mod_rewrite.

Note: If you've set up the default editor for text fields to be a WYSIWYG editor, it will probably add formatting tags that makes any redirects fail.

Custom theming error pages

Note: To avoid hacking a core or contributed theme, it is recommended that you create a sub-theme below the sites directory for all customization, unless you're already working with a custom theme. Creating a sub-theme is not covered in this section, but you may read Creating a sub-theme.

You may create custom theming of the error pages, using one of two methods:

  1. By overriding the module's theme function.
  2. By overriding the page template file.

To override module's theme function (theme_customerror($variables)), place a function named THEME_customerror (where “THEME” is the name of the theme in use) in template.php.

The HTTP status code (currently 403 or 404) is in $variables['code'], and the message content is in $variables['content'].

To override the page template file for both the 403 and 404 error pages, duplicate the current theme's page.tpl.php to be page--customerror.tpl.php* and then modify the copy to produce the output style you want.

If you want to have a different template for the 403 and 404 pages, duplicate the current theme's page.tpl.php page to be page--customerror--403.tpl.php* and page--customerror--404.tpl.php*, and then modify each to produce the output styles you want. You do not need a page--customerror.tpl.php* for this to work.

*) The instructions above are for Drupal 7. For Drupal 6 and older, replace all double hyphens with a single hyphens. I.e. page--customerror--403.tpl.php becomes page-customerror-403.tpl.php.


  • Why don't this module allow me to set up custom redirects for 403 (forbidden) like it does for 404 (not found)?

To provide a means to manage redirects to individual alternative pages for premium pages is beyond the scope of this module.

  • I want to prevent robots from indexing my custom error pages by setting the robots meta tag in the HTML head to NOINDEX.

There is no need to. CustomError returns the correct HTTP status codes (403 and 404). This will prevent robots from indexing the error pages.

No. CustomError is only designed to provide a custom error page when the page is processed by Drupal. The .htaccess file that comes with Drupal will catch some attempts to access forbidden directories before Drupal even see the requests. These access attempts will get the default Apache 403 error document, unless you use the Apache ErrorDocument directive to override this, e.g:

ErrorDocument 403 /error/403.html

For more information about this, see the Apache documentation on custom errors.

Looking for support? Visit the forums, or join #drupal-support in IRC.


scotty’s picture

My user login block settings were set to be visible only on the page. When trying to access a prohibited page, customerror displayed my 403 page but I wanted to give the user to option to login. Instead of adding a link using custom PHP as documented above and in the customerror README.txt, I added the path customerror/* to the block visibility setting and the user login block successfully appeared on the same page as the 403 text.