It also just occurred to me that you could simply use a virtual host in your Apache configuration instead of running another instance of the web server. Simply set up a virt host on a high port, include the redirect in pf, and have the virtual host serve from a different directory.

On 12/7/05, Webcharge <[EMAIL PROTECTED]> wrote:
> Hello,
>
> The error log of our webserver is parsed for vulnerability scanning IP's and
> once caught they get blocked by PF.
> I've included various common scriptnames that are exploitable but was
> recently presented with a problem where one of our
> users locked himself out by installing (and browsing) to such a scriptname.
> Obviously they thought the server was down,
> resulting in panic, phonecalls and angry faces...
>
> Therefore I would like to be able to present IP addresses from a certain
> table with a special page stating they have
> been blocked because of scanning and they should get in contact to get
> unblocked.
>
> My current setup is a single NIC machine with multiple real IP addresses
> attached.
> I was wondering if I could assign one IP address as the warning page setup
> (VirtualHost in Apache) and rdr to that?
> Or would this create a loop?
> Because this is a live server and I am not very experienced with PF I am
> reluctant to experiment and thought I'd ask first.
>
> Any other suggestions to solve this problem are also more than welcome.
>
> Thank you in advance,
>
> Matt
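
The redirect suggested in the reply above, sketched as a pf.conf fragment; this is an added example and not part of the original thread. The interface macro, the table name `<scanners>`, the loopback address and port 8080 are assumptions, and the rules use the older standalone `rdr` syntax (OpenBSD releases from 4.7 on express this as `rdr-to` on a pass rule).

```conf
# pf.conf fragment (added example, not from the thread).
# Assumed names: $ext_if, <scanners>, 127.0.0.1 port 8080.

ext_if = "fxp0"                  # assumed external interface

# Filled by the error-log parser, for example with:
#   pfctl -t scanners -T add <address>
table <scanners> persist

# --- translation rules ---
# HTTP from a listed address is sent to the warning-page virtual host
# instead of the real site. "pass" lets the redirected connection skip
# the filter rules below. rdr is applied once, to packets arriving on
# $ext_if, so the redirected connection is not redirected again and
# no loop is created.
rdr pass on $ext_if proto tcp from <scanners> to any port 80 \
        -> 127.0.0.1 port 8080

# --- filter rules ---
# Everything else from a listed address (other ports, other protocols)
# stays blocked, as before.
block in quick on $ext_if from <scanners> to any

# Apache side (assumption): the warning virtual host listens on
# 127.0.0.1:8080 only and has its own DocumentRoot holding a single
# static "you have been blocked, contact us" page. Binding it to
# loopback keeps the page unreachable except through the rdr rule.
```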
