Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Customize the AD block warning page

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 580 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TXT8888
      last edited by

      For most part, the pfBlockerNG will block the ADs on the web site (ie. yahoo.com), Those ADs sometime NOT showing up, but occasionally, some will still show.

      When I click on the ADs on those shown, most of the time, I will get to page warning me:

      Your connection is not private
Attackers might be trying to steal your information from beap.gemini.yahoo.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID

      That is good. I like to see if there is a way that I can customize this warning page? something like:

      The link you clicked "insert the link here"  has been blocked by your admin. And possible the reason this was blocked and other detail of why it is block
      MikeV7896M 1 Reply Last reply Reply Quote 0
      • MikeV7896M
        MikeV7896 @TXT8888
        last edited by

        @txt8888
        That looks like it's a page provided by your browser, not something that pfSense is serving. Usually errors about certificates being invalid are things the browser has within it, and usually aren't customizable. The reason why that certificate message is appearing is because the hostname in the address (beap.gemini.yahoo.com in your example) and the name on the certificate (which isn't provided unless you click the lock in the address bar, then look at the certificate info) don't match.

        The S in IOT stands for Security

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yup, that. The cert used by the DNS-BL server is not signed and even if it was it would not match the requested FQDN so you will always see a cert error there on an https page. Which is almost everything these days.

          Steve

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.