getgrav / grav-plugin-error

Grav Errors Plugin
https://getgrav.org
MIT License

Intentional Routes to Error Pages #27

Open ScottHamper opened 7 years ago

ScottHamper commented 7 years ago

Hey All,

Are there any built-in routes for purposefully triggering specific error pages? I'd like to tweak the default .htaccess file to rewrite URLs for sensitive files (e.g., dotfiles) so that the 404 page is displayed. Currently, the .htaccess file does a 301 redirect to /error, which leaks information on whether or not a file exists on the filesystem (redirect? it exists. no redirect? it does not exist). In either case, the HTTP response status is 404 (instead of, for example, 403 Forbidden), which is good, but I'd like my 404s to be consistent in not redirecting users away from the URL they originally accessed.

I've found that I can simply rewrite the URL to index.php and it will trigger the Grav 404 page for these files. Is this solution ideal/adequate, or are there possible edge cases that will produce inconsistent results? Is there another solution entirely? Though my use case at the moment is really only concerned with explicitly routing to the 404 page, would it make sense to support routing to any HTTP error status code page?

Regards, --- Scott

EDIT: After looking into this more, it seems like the current behavior actually differs depending on platform. For example, the .htaccess file does cause a 403 Forbidden to occur, while the web.config file causes a redirect to /error which responds with a 404. Regardless, my end goal is to always return a 404 and never redirect.

CarlSinclair commented 4 months ago

I just simplified things by making all errors present as 404. The user doesn't need to know (nor care) what's causing the error.
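The consistency goal discussed in this thread (a blocked file should answer exactly like a missing one, with no redirect) can be checked mechanically. The following is an added example, not part of the original issue or of Grav's code: it compares the first response for each blocked path against the response for a name known not to exist. The `Resp` record, the function names, the error-page body and the sample responses are all constructed for illustration.

```python
import hashlib
from typing import NamedTuple, Optional

class Resp(NamedTuple):
    """First response to a request, collected WITHOUT following redirects."""
    status: int
    location: Optional[str]   # Location header, None when absent
    body: bytes

def fingerprint(path: str, r: Resp) -> dict:
    # Error pages often echo the requested URL; mask it so that alone
    # does not count as a difference.
    body = r.body.replace(path.encode(), b"<path>")
    return {
        "status": r.status,
        "redirects": r.location is not None,
        "body": hashlib.sha256(body).hexdigest(),
    }

def leaks(baseline: tuple, probes: dict) -> dict:
    """Map each probed path to the fields that differ from the baseline.

    baseline is (path, Resp) for a name known not to exist on disk.
    An empty result means blocked paths look exactly like missing ones.
    """
    want = fingerprint(*baseline)
    out = {}
    for path, resp in probes.items():
        got = fingerprint(path, resp)
        diff = sorted(k for k in want if want[k] != got[k])
        if diff:
            out[path] = diff
    return out

def page(path: str) -> bytes:
    # Constructed stand-in for the site's 404 page.
    return f"<h1>Error 404</h1><p>{path} not found</p>".encode()

# Constructed sample responses for the three behaviours described in the thread.
MISSING = ("/.does-not-exist", Resp(404, None, page("/.does-not-exist")))
REDIRECTING = {"/.htaccess": Resp(301, "/error", b"")}             # redirect to /error
FORBIDDEN = {"/.htaccess": Resp(403, None, b"<h1>Forbidden</h1>")}  # 403 Forbidden
REWRITTEN = {"/.htaccess": Resp(404, None, page("/.htaccess"))}     # rewrite to index.php

if __name__ == "__main__":
    for name, probes in [("redirect", REDIRECTING), ("403", FORBIDDEN),
                         ("rewrite", REWRITTEN)]:
        print(name, leaks(MISSING, probes) or "indistinguishable")
```

When collecting real responses for this check, redirect following has to be disabled: a client that follows the redirect to /error sees a 404 in both cases and hides the difference.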