From owner-freebsd-questions Wed Apr 10 12:25: 4 2002 Delivered-To: freebsd-questions@freebsd.org Received: from tomts13-srv.bellnexxia.net (tomts13.bellnexxia.net [209.226.175.34]) by hub.freebsd.org (Postfix) with ESMTP id A9FF737B43C for ; Wed, 10 Apr 2002 12:24:38 -0700 (PDT) Received: from xena.gsicomp.on.ca ([65.95.178.46]) by tomts13-srv.bellnexxia.net (InterMail vM.4.01.03.23 201-229-121-123-20010418) with ESMTP id <20020410192437.GZJY25090.tomts13-srv.bellnexxia.net@xena.gsicomp.on.ca>; Wed, 10 Apr 2002 15:24:37 -0400 Received: from xena.gsicomp.on.ca (xena.gsicomp.on.ca [192.168.0.3]) by xena.gsicomp.on.ca (8.11.3/8.11.3) with ESMTP id g3AJD7705293; Wed, 10 Apr 2002 15:13:07 -0400 (EDT) (envelope-from matt@xena.gsicomp.on.ca) Date: Wed, 10 Apr 2002 15:13:07 -0400 (EDT) From: Matthew Emmerton To: Lord Raiden Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Good spoof page for Apache?? In-Reply-To: <4.2.0.58.20020409233418.0095a220@pop.netzero.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Rather than going ot all the trouble of "spoofing", why not have Apache return a 403 error (authorization required) for people accessing outside of the office. You can do this based on IP (although I don't have any examples handy.) -- Matthew Emmerton || matt@gsicomp.on.ca GSI Computer Services || http://www.gsicomp.on.ca On Tue, 9 Apr 2002, Lord Raiden wrote: > Hi all. I'm looking at taking one of our servers that's supposed to be > for office use only and open it up to the outside. There's nothing secure > on it, but I don't want just anybody surfing to it and browsing around. So > what I was thinking of doing was in order to fool the average joe who might > get there by accident or intentionally, I want them to think they have > recieved a standard browser error and then leave. > > I've thought about modifying the browser error that IE gives, but I'm not > sure that will work. I want it to look like a legitimate client side error > when they hit the website, yet I want those who know the proper access URL > to still be able to access the site remotely. For example, "mydomain.com/" > would show the mock error, yet "mydomain.com/login.cgi" would still get > them to where they needed to go. I just need a way to spoof an error, not > generate a real one to help keep out nosy bypassers. Any ideas? > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message