Forum

Simulate or redirect to Error (404, 403 etc.)

Alex
17 July 2015, 13:05
Hi folks,
I would like to redirect clients from all IP's except my IP to the Error page eg. Not found error 404. It has to look as realistic as possible. In my case it must look like this. http://www.mysite.com/site/secret/.... All the things whats coming after secret, must redirect to the error site.
What are your suggestions?

Thanks in advance.
Hugo Leisink
17 July 2015, 17:30
I would like to redirect clients from all IP's except my IP to the Error page eg. Not found error 404.

Use AccessList to arange the access and use the ErrorHandler (for 403) to print a not found message.

It has to look as realistic as possible.

Use a CGI script for the ErrorHander and let it output a 404 HTTP error code instead of a 403.

In my case it must look like this. http://www.mysite.com/site/secret/.... All the things whats coming after secret, must redirect to the error site.

I don't understand what you mean by this. 'error site'?
Alex
17 July 2015, 20:44
Hey Hugo,

I mean, everyone except my IP must be redirected from 403 Forbidden to the 404 Not found.
The intent is to deceive the attacker, so that the attacker did not notice anything. Where nothing is, there is nothing to seek
Hugo Leisink
19 July 2015, 08:58
Ok, that can be done as described in my previous post.
Alex
28 July 2015, 11:10
The problem is that Hiawatha works as Proxy Server. If it's not to hard, do you can include this as feature in the next build. I mean, to give a 404 instead of 403, filtered by IP with rewrite rules. It's better to don't show that the lock is existing on this place, you know what I mean
Hugo Leisink
28 July 2015, 11:27
That means that Hiawatha has to change the response data. Sorry, I'm not going to do that. That means parsing, changing and regenerating a HTTP response. Specially because I believe this feature adds very little to security. If you want to change the response, you should do it at the webserver that lies bind the proxy.
This topic has been closed.