On disabling a site using Nginx, I expected to see a message that the site has been disabled as per the documentation. However, I simply get a 404, which provides a terrible user experience.
404 Not Found
nginx/1.4.6 (Ubuntu)
I don't expect the request to get redirected to a page on the Aegir site itself, as I agree that this would lead to unnecessary information disclosure (as discussed in #269743: Configurable site disabled and site maintenance splash pages.). I'd rather not broadcast the location of the administration site.
However, we should offer some sort of message like so:
This site has been disabled. Please contact the site owner to have it re-enabled.
Also, we should probably return a 403 instead of a 404 as per HTTP 401 Unauthorized or 403 Forbidden for a “disabled” user?.
Looks like the 404 is returned in Nginx/vhost_disabled.tpl.php. How about if we return 403 along with an error page including the above message as per Nginx: Custom Error 403 Page Not Working with IP Deny Configuration?
Comments
Comment #2
gboudrias CreditAttribution: gboudrias at Praxis Labs Coop commentedIf possible this behavior should be made consistent with the Apache version, which redirects to hosting/disabled/ (302).
Comment #3
omega8cc CreditAttribution: omega8cc commentedSince we have included the if/else logic for BOA specific stuff while working on un-forking Aegir used in BOA, we could restore the default behaviour used in Apache, I think.
Comment #6
omega8cc CreditAttribution: omega8cc commentedFixed!
Comment #7
colan@omega8cc: Thanks! Works well for me.
We can deal with the issue of not linking to the Aegir site elsewhere.