Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Customize the AD block warning page

    General pfSense Questions
    3
    3
    92
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TXT8888 last edited by

      For most part, the pfBlockerNG will block the ADs on the web site (ie. yahoo.com), Those ADs sometime NOT showing up, but occasionally, some will still show.

      When I click on the ADs on those shown, most of the time, I will get to page warning me:

      Your connection is not private
Attackers might be trying to steal your information from beap.gemini.yahoo.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID

      That is good. I like to see if there is a way that I can customize this warning page? something like:

      The link you clicked "insert the link here"  has been blocked by your admin. And possible the reason this was blocked and other detail of why it is block
      virgiliomi 1 Reply Last reply Reply Quote 0
      • virgiliomi
        virgiliomi @TXT8888 last edited by

        @txt8888
        That looks like it's a page provided by your browser, not something that pfSense is serving. Usually errors about certificates being invalid are things the browser has within it, and usually aren't customizable. The reason why that certificate message is appearing is because the hostname in the address (beap.gemini.yahoo.com in your example) and the name on the certificate (which isn't provided unless you click the lock in the address bar, then look at the certificate info) don't match.

        1 Reply Last reply Reply Quote 0
        • stephenw10
          stephenw10 Netgate Administrator last edited by

          Yup, that. The cert used by the DNS-BL server is not signed and even if it was it would not match the requested FQDN so you will always see a cert error there on an https page. Which is almost everything these days.

          Steve

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense Plus
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy