I have just rebuilt a web server upgrading from 1.3.9 with php3 to
Apache 1.3.12 with PHP/4.0.1pl2 and mod_ssl/2.6.4.
All seems ok except for my custom 401 error messages. Instead of returning
a 401 response it appears that the server returns my 401.html with status
200 so the browser just displays it instead of asking for user/passwd info.
If I have
ErrorDocument 401 /errors/401.html
set in the config then I get the following when requesting a page that
requires authentication:
HTTP/1.1 200 OK
Date: Thu, 27 Jul 2000 16:11:54 GMT
Server: Apache/1.3.12 (Unix) PHP/4.0.1pl2 mod_ssl/2.6.4 OpenSSL/0.9.5a
WWW-Authenticate: Basic realm="staff"
X-Powered-By: PHP/4.0.1pl2
Connection: close
Content-Type: text/html
followed by the contents of my error document (which the browser displays
due to the 200 code I assume).
If I then remove the custom ErrorDocument and repeat the test I get:
HTTP/1.1 401 Authorization Required
Date: Thu, 27 Jul 2000 16:14:56 GMT
Server: Apache/1.3.12 (Unix) PHP/4.0.1pl2 mod_ssl/2.6.4 OpenSSL/0.9.5a
WWW-Authenticate: Basic realm="staff"
Connection: close
Content-Type: text/html; charset=iso-8859-1
followed by the contents of my error document. This time the browser
asks (correctly) for the user/passwd.
Searching dejanews shows that other people seem to have seen this but no
obvious fixes/explanations. I can't find anything in the FAQ or apache
docs.
Is it a bug? Is there a patch? Am I going mad?
Cheers,
Darren
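
Added example, not part of the original post: a post-upgrade regression check that parses a response head for a protected URL and flags the symptom described above, a WWW-Authenticate challenge delivered with a status other than 401. The two sample heads are copied from the post; the function names and result labels are assumptions made for this example.

```python
import re

STATUS_RE = re.compile(r"^HTTP/\d\.\d (\d{3})\b")
CHALLENGE_RE = re.compile(r'^\w+\s+realm="[^"]*"')

# Response heads as captured in the post above.
WITH_ERRORDOCUMENT = """\
HTTP/1.1 200 OK
Date: Thu, 27 Jul 2000 16:11:54 GMT
Server: Apache/1.3.12 (Unix) PHP/4.0.1pl2 mod_ssl/2.6.4 OpenSSL/0.9.5a
WWW-Authenticate: Basic realm="staff"
X-Powered-By: PHP/4.0.1pl2
Connection: close
Content-Type: text/html
"""
WITHOUT_ERRORDOCUMENT = """\
HTTP/1.1 401 Authorization Required
Date: Thu, 27 Jul 2000 16:14:56 GMT
Server: Apache/1.3.12 (Unix) PHP/4.0.1pl2 mod_ssl/2.6.4 OpenSSL/0.9.5a
WWW-Authenticate: Basic realm="staff"
Connection: close
Content-Type: text/html; charset=iso-8859-1
"""

def parse_head(raw):
    """Return (status_code, {lowercased header name: value}) for a raw head."""
    lines = [ln for ln in raw.strip().splitlines() if ln.strip()]
    m = STATUS_RE.match(lines[0]) if lines else None
    if not m:
        raise ValueError("no HTTP status line found")
    headers = {}
    for ln in lines[1:]:
        name, sep, value = ln.partition(":")  # split on the first colon only
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(m.group(1)), headers

def check_auth_challenge(raw):
    """Classify how a response for a protected URL presents its challenge."""
    status, headers = parse_head(raw)
    challenge = headers.get("www-authenticate", "")
    if status == 401:
        # A browser prompts only when the 401 carries a usable challenge.
        return "ok" if CHALLENGE_RE.match(challenge) else "401-without-challenge"
    if challenge:
        return "challenge-with-status-%d" % status  # the symptom in the post
    return "no-challenge"

if __name__ == "__main__":
    for label, raw in (("with", WITH_ERRORDOCUMENT), ("without", WITHOUT_ERRORDOCUMENT)):
        print(label, "ErrorDocument:", check_auth_challenge(raw))
```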