Forum

Hi folks,
I would like to redirect clients from all IP's except my IP to the Error page eg. Not found error 404. It has to look as realistic as possible. In my case it must look like this. http://www.mysite.com/site/secret/.... All the things whats coming after secret, must redirect to the error site.
What are your suggestions?

Thanks in advance.

Use AccessList to arange the access and use the ErrorHandler (for 403) to print a not found message.


Use a CGI script for the ErrorHander and let it output a 404 HTTP error code instead of a 403.


I don't understand what you mean by this. 'error site'?

Hey Hugo,

I mean, everyone except my IP must be redirected from 403 Forbidden to the 404 Not found.
The intent is to deceive the attacker, so that the attacker did not notice anything. Where nothing is, there is nothing to seek

Ok, that can be done as described in my previous post.

The problem is that Hiawatha works as Proxy Server. If it's not to hard, do you can include this as feature in the next build. I mean, to give a 404 instead of 403, filtered by IP with rewrite rules. It's better to don't show that the lock is existing on this place, you know what I mean

That means that Hiawatha has to change the response data. Sorry, I'm not going to do that. That means parsing, changing and regenerating a HTTP response. Specially because I believe this feature adds very little to security. If you want to change the response, you should do it at the webserver that lies bind the proxy.