Attempting to redirect a portion of a subnet to a particular website/URL:
SecFilterSelective REQUEST_URI "portal.html" log,allow
SecFilterSelective REMOTE_ADDR "^192\.168\.0\.200-210$" log,redirect:
works except for the situation when the browser is first started, in which case I get a standard 404 (oh, at this point, I should probably let you know that I'm intercepting DNS queries from hosts in the
192.168.0.200-210 range and resolving *everything* to 192.168.0.1). So, why is the web server is seeing URL with tail-end that look like this?:
en-us/ie/default.aspx (in the case of the IE start page
firefox?client=firefox-a&rls=org.mozilla:en-US:official (in the case of the firefox start page
I'm not quite understanding why mod_security isn't catching these... but I really don't care either (other than this behavior causes me to have less confidence in mod_security).
What I want to do is just redirect all 404s to http://192.168.0.1/portal.html without having to use .htaccess or mod_redirect (not installed on this particular config).
I've done a modest amount of STFW and can't find anything that indicates if mod_security can handle this or not.
...any help or pointers would be greatly appreciated