How can I change 403 Forbidden message to 404 Not Found message
Application Type

Anyone knows how to modify or change this message 403 forbidden to 404 not found to avoid browsable web directory. Thanks!


Your screenshot doesn't seem to be a webpage generated by OutSystems (it ends with .php).

So how is your question OutSystems related?



Let me check with our lead, this one was raise by VAPT findings.

Hello Daniel, 
to answer your question, the base url in the image is also the link we use for Outsystems Service Studio, and where we accessing the environment.

But it cannot be a valid URL, no OutSystems URL ends with .php

In addition to Daniel's answer, Service Studio is a Windows (or Mac) application, it cannot be started via the browser.

I think I understand the issue, if you request any page including .PHP from an OutSystems environment you will get the 403 forbidden (404 for personal environments). 

I think this is because the OutSystems is set to deny any PHP requests in the AWS LoadBalancers. So my guess is this can't be changed. 

What do you mean by "requesting [a] page (...) from an OutSystems environment"?

{sub domain}.outsystemsenterprise.com/Discovery/Dummy.php

When I check this URL in our enterprise environment I get a 403 exactly like the screenshot.

My guess is OutSystems uses AWS Web Application Firewall, to deny any PHP requests

Noted on this answers guys, thank you!

Hello guys,
I think my thoughts about this issue is somehow connected on this one 


The problem is I am having a hard time figuring out how to apply, can you have basic explanation for this?  I already added the configuration listed on the link and how can I apply it on the OS. Thanks!


I am having this warning that the configuration is invalid


This is not gonna work, because the error is implemented on the Firewall level and not on the application level, so there is no manipulation possible by developers, only by OutSystems, because in cloud environments you can't access the Firewall and Loadbalancers

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.