From 2a5b05b3209065a91aba8a7bc172d082aaf8c005 Mon Sep 17 00:00:00 2001
From: Joby Elliott <code@byjoby.com>
Date: Wed, 23 Oct 2024 19:37:16 -0600
Subject: [PATCH] Refactor error page handling and configuration

Simplify the error page handling and configuration by refactoring the code. Removed the unnecessary error message "IP banned for bad behavior" and replaced it with a generic 403 error response. Also, added new error pages for 404, 503, and 50x errors. The error pages are now stored in the /var/www/error-pages directory. Updated the nginx configuration to use the new error pages and added PHP handling for the error pages.
---
 install/01-nginx-default-root.sh       |  2 +-
 install/error-pages.sh                 | 38 ++++++++++++
 install/error-pages/403.html           | 69 ++++++++++++++++++++++
 install/error-pages/404.html           | 69 ++++++++++++++++++++++
 install/error-pages/503.html           | 80 ++++++++++++++++++++++++++
 install/error-pages/50x.html           | 80 ++++++++++++++++++++++++++
 install/nginx-conf/10-error-pages.conf | 58 +++++++++++++++++++
 site-config.conf                       |  2 +-
 8 files changed, 396 insertions(+), 2 deletions(-)
 create mode 100644 install/error-pages.sh
 create mode 100644 install/error-pages/403.html
 create mode 100644 install/error-pages/404.html
 create mode 100644 install/error-pages/503.html
 create mode 100644 install/error-pages/50x.html
 create mode 100644 install/nginx-conf/10-error-pages.conf

diff --git a/install/01-nginx-default-root.sh b/install/01-nginx-default-root.sh
index ee3c783..f6afa28 100755
--- a/install/01-nginx-default-root.sh
+++ b/install/01-nginx-default-root.sh
@@ -44,7 +44,7 @@ server {
 
     # Check for banned IPs
     if (\$is_banned) {
-        return 403 "IP banned for bad behavior";
+        return 403;
     }
 
     location / {
diff --git a/install/error-pages.sh b/install/error-pages.sh
new file mode 100644
index 0000000..9bf4191
--- /dev/null
+++ b/install/error-pages.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+# Check if script is run as root
+if [ "$EUID" -ne 0 ]; then 
+    echo "Please run as root or with sudo"
+    exit 1
+fi
+
+# Get the directory where this script is located
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+# Define source and destination directories using absolute path
+SRC_DIR="$SCRIPT_DIR/error-pages"
+DEST_DIR="/var/www/error-pages"
+
+# Check if source directory exists
+if [ ! -d "$SRC_DIR" ]; then
+    echo "Source directory '$SRC_DIR' not found"
+    exit 1
+fi
+
+# Create destination directory if it doesn't exist
+mkdir -p "$DEST_DIR"
+
+# Copy all .conf files
+echo "Copying configuration files..."
+cp -v "$SRC_DIR"/*.conf "$DEST_DIR/"
+
+# Set proper permissions
+echo "Setting permissions..."
+
+# Set directory ownership and permissions
+sudo chown root:root /var/www/error-pages
+sudo chmod 755 /var/www/error-pages
+
+# Set file ownership and permissions
+sudo chown root:root /var/www/error-pages/*
+sudo chmod 644 /var/www/error-pages/*
diff --git a/install/error-pages/403.html b/install/error-pages/403.html
new file mode 100644
index 0000000..a046924
--- /dev/null
+++ b/install/error-pages/403.html
@@ -0,0 +1,69 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>403 Forbidden</title>
+  <style>
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+      line-height: 1.6;
+      max-width: 600px;
+      margin: 40px auto;
+      padding: 0 20px;
+      color: #333;
+      background: #fff;
+    }
+
+    h1 {
+      font-size: 24px;
+      margin-bottom: 16px;
+      color: #d00;
+    }
+
+    p {
+      margin: 12px 0;
+    }
+
+    .help {
+      background: #f5f5f5;
+      border-left: 4px solid #ddd;
+      padding: 12px;
+      margin: 20px 0;
+    }
+
+    @media (prefers-color-scheme: dark) {
+      body {
+        background: #222;
+        color: #ddd;
+      }
+
+      h1 {
+        color: #ff4444;
+      }
+
+      .help {
+        background: #333;
+        border-left-color: #555;
+      }
+    }
+  </style>
+</head>
+
+<body>
+  <main role="main">
+    <h1>403 Access Forbidden</h1>
+    <p>Sorry, you don't have permission to access this resource.</p>
+    <div class="help">
+      <p>If you believe this is a mistake:</p>
+      <ul>
+        <li>Check if you're properly logged in</li>
+        <li>Verify you have the correct URL</li>
+        <li>Contact the site administrator if problems persist</li>
+      </ul>
+    </div>
+  </main>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/install/error-pages/404.html b/install/error-pages/404.html
new file mode 100644
index 0000000..e703ee3
--- /dev/null
+++ b/install/error-pages/404.html
@@ -0,0 +1,69 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>404 Not Found</title>
+    <style>
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+            line-height: 1.6;
+            max-width: 600px;
+            margin: 40px auto;
+            padding: 0 20px;
+            color: #333;
+            background: #fff;
+        }
+
+        h1 {
+            font-size: 24px;
+            margin-bottom: 16px;
+            color: #d00;
+        }
+
+        p {
+            margin: 12px 0;
+        }
+
+        .help {
+            background: #f5f5f5;
+            border-left: 4px solid #ddd;
+            padding: 12px;
+            margin: 20px 0;
+        }
+
+        @media (prefers-color-scheme: dark) {
+            body {
+                background: #222;
+                color: #ddd;
+            }
+
+            h1 {
+                color: #ff4444;
+            }
+
+            .help {
+                background: #333;
+                border-left-color: #555;
+            }
+        }
+    </style>
+</head>
+
+<body>
+    <main role="main">
+        <h1>404 Page Not Found</h1>
+        <p>Sorry, we couldn't find the page you're looking for.</p>
+        <div class="help">
+            <p>You might want to:</p>
+            <ul>
+                <li>Double-check the URL for typos</li>
+                <li>Go back to the <a href="/">homepage</a></li>
+                <li>Check if the content has moved or been renamed</li>
+            </ul>
+        </div>
+    </main>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/install/error-pages/503.html b/install/error-pages/503.html
new file mode 100644
index 0000000..8dd2b8d
--- /dev/null
+++ b/install/error-pages/503.html
@@ -0,0 +1,80 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>503 Service Unavailable</title>
+  <meta http-equiv="refresh" content="30">
+  <style>
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+      line-height: 1.6;
+      max-width: 600px;
+      margin: 40px auto;
+      padding: 0 20px;
+      color: #333;
+      background: #fff;
+    }
+
+    h1 {
+      font-size: 24px;
+      margin-bottom: 16px;
+      color: #d00;
+    }
+
+    p {
+      margin: 12px 0;
+    }
+
+    .help {
+      background: #f5f5f5;
+      border-left: 4px solid #ddd;
+      padding: 12px;
+      margin: 20px 0;
+    }
+
+    .note {
+      font-size: 0.9em;
+      color: #666;
+    }
+
+    @media (prefers-color-scheme: dark) {
+      body {
+        background: #222;
+        color: #ddd;
+      }
+
+      h1 {
+        color: #ff4444;
+      }
+
+      .help {
+        background: #333;
+        border-left-color: #555;
+      }
+
+      .note {
+        color: #999;
+      }
+    }
+  </style>
+</head>
+
+<body>
+  <main role="main">
+    <h1>503 Temporarily Unavailable</h1>
+    <p>The site is currently undergoing maintenance and will be back shortly.</p>
+    <div class="help">
+      <p>What you should know:</p>
+      <ul>
+        <li>This is likely planned maintenance</li>
+        <li>The site should be back online soon</li>
+        <li>This page will automatically refresh every 30 seconds</li>
+      </ul>
+    </div>
+    <p class="note">If you continue to see this message for an extended period, please check back later.</p>
+  </main>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/install/error-pages/50x.html b/install/error-pages/50x.html
new file mode 100644
index 0000000..c7e2585
--- /dev/null
+++ b/install/error-pages/50x.html
@@ -0,0 +1,80 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Server Error</title>
+  <style>
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+      line-height: 1.6;
+      max-width: 600px;
+      margin: 40px auto;
+      padding: 0 20px;
+      color: #333;
+      background: #fff;
+    }
+
+    h1 {
+      font-size: 24px;
+      margin-bottom: 16px;
+      color: #d00;
+    }
+
+    p {
+      margin: 12px 0;
+    }
+
+    .help {
+      background: #f5f5f5;
+      border-left: 4px solid #ddd;
+      padding: 12px;
+      margin: 20px 0;
+    }
+
+    .error-code {
+      font-size: 0.9em;
+      color: #666;
+      margin-top: 20px;
+    }
+
+    @media (prefers-color-scheme: dark) {
+      body {
+        background: #222;
+        color: #ddd;
+      }
+
+      h1 {
+        color: #ff4444;
+      }
+
+      .help {
+        background: #333;
+        border-left-color: #555;
+      }
+
+      .error-code {
+        color: #999;
+      }
+    }
+  </style>
+</head>
+
+<body>
+  <main role="main">
+    <h1>Server Error</h1>
+    <p>Sorry, something went wrong on our end while processing your request.</p>
+    <div class="help">
+      <p>What you can try:</p>
+      <ul>
+        <li>Refresh the page (the error might be temporary)</li>
+        <li>Try again in a few minutes</li>
+        <li>Clear your browser cache if the problem persists</li>
+      </ul>
+    </div>
+    <p class="error-code">Error <!--# echo var="status" default="500" --></p>
+  </main>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/install/nginx-conf/10-error-pages.conf b/install/nginx-conf/10-error-pages.conf
new file mode 100644
index 0000000..4c281e8
--- /dev/null
+++ b/install/nginx-conf/10-error-pages.conf
@@ -0,0 +1,58 @@
+# Global error pages
+error_page 403 /403.html;
+error_page 404 /404.html;
+error_page 500 502 504 /50x.html;
+error_page 503 /503.html;
+
+# Global error handler locations
+location = /403.html {
+    internal;
+    try_files 
+        $document_root/403.php 
+        $document_root/403.html 
+        /var/www/error-pages/403.php 
+        /var/www/error-pages/403.html 
+        =403;
+    fastcgi_intercept_errors on;
+}
+
+location = /404.html {
+    internal;
+    try_files 
+        $document_root/404.php 
+        $document_root/404.html 
+        /var/www/error-pages/404.php 
+        /var/www/error-pages/404.html 
+        =404;
+    fastcgi_intercept_errors on;
+}
+
+location = /503.html {
+    internal;
+    try_files 
+        $document_root/503.php 
+        $document_root/503.html 
+        /var/www/error-pages/503.php 
+        /var/www/error-pages/503.html 
+        =503;
+    fastcgi_intercept_errors on;
+}
+
+location = /50x.html {
+    internal;
+    try_files 
+        $document_root/50x.php 
+        $document_root/50x.html 
+        /var/www/error-pages/50x.php 
+        /var/www/error-pages/50x.html 
+        =500;
+    fastcgi_intercept_errors on;
+}
+
+# PHP handling for error pages
+location ~ ^/(?:403|404|503|50x)\.php$ {
+    internal;
+    include fastcgi_params;
+    fastcgi_param SCRIPT_FILENAME $request_filename;
+    fastcgi_pass unix:/var/run/php/php-fpm.sock;  # Adjust this path as needed
+}
diff --git a/site-config.conf b/site-config.conf
index 4a3b245..fb95af9 100644
--- a/site-config.conf
+++ b/site-config.conf
@@ -19,7 +19,7 @@ server {
 
     # Check for banned IPs
     if ($is_banned) {
-        return 403 "IP banned for bad behavior";
+        return 403;
     }
 
     # Apply general rate limit