• For most part, the pfBlockerNG will block the ADs on the web site (ie. yahoo.com), Those ADs sometime NOT showing up, but occasionally, some will still show.

    When I click on the ADs on those shown, most of the time, I will get to page warning me:

    Your connection is not private
    Attackers might be trying to steal your information from beap.gemini.yahoo.com (for example, passwords, messages, or credit cards). Learn more
    NET::ERR_CERT_AUTHORITY_INVALID
    

    That is good. I like to see if there is a way that I can customize this warning page? something like:

    The link you clicked "insert the link here"  has been blocked by your admin. And possible the reason this was blocked and other detail of why it is block
    

  • @txt8888
    That looks like it's a page provided by your browser, not something that pfSense is serving. Usually errors about certificates being invalid are things the browser has within it, and usually aren't customizable. The reason why that certificate message is appearing is because the hostname in the address (beap.gemini.yahoo.com in your example) and the name on the certificate (which isn't provided unless you click the lock in the address bar, then look at the certificate info) don't match.

  • Netgate Administrator

    Yup, that. The cert used by the DNS-BL server is not signed and even if it was it would not match the requested FQDN so you will always see a cert error there on an https page. Which is almost everything these days.

    Steve