Setting a custom 404 page instead of the login page

loebas · April 25, 2025, 1:34pm

What type of hardware are you using: Raspberry Pi 3, 4+
What YunoHost version are you running: 12.0.12
How are you able to access your server: Direct access via physical keyboard/screen
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: Tweaked Fail2Ban to report IP’s to abuseipdb

Describe your issue

I wanted to setup a custom 404 page to harden my security on my server, and make it harder for scriptkiddies to find out my login page. I’ve also configured fail2ban to ban IP’s that are requesting a abnormal amount of 4xx pages, which is the reason i want to set a custon 404 page.
I’ve seen several tutorials to edit a file in /etc/ssowat, but this folder does not exist in my installation. So these tutorials do not work.
Is there something i’m doing completely wrong?

Share relevant logs or error messages

n/a

Kit · April 25, 2025, 4:51pm

Hello and welcome aboard.

What about using an nginx 444 return ?

=> https://http.dev/444
=> Tuto: Bloquer les requêtes selon le pays (for geoblocking, but you get the idea).

loebas · May 2, 2025, 1:03pm

Sorry for the wait.

This is indeed a option for connection that are directly accessing my server trough my ip adress.

Only i dont know how to do this

Kit · May 2, 2025, 8:02pm

Before thinking about the webpage, you should determine precisely the criterias of redirection.

Too much connection attempts in a short time ? Exclusion using GeoIP ? Other criteria ?

loebas · May 3, 2025, 7:54am

I generally want to keep out bad bots, and prevent skiddies from finding my admin interface. And i want to keep out the occasional AI bots, since i dont want my data to be used to train AI.
So setting up a robots.txt for all my domains would be nice

Kit · May 3, 2025, 8:50am

Keeping bots out of your server => Here’s a hook to be placed in /etc/yunohost/hooks.d/conf_regen/ . You can obviously improve it. This one intend to avoid indexation by search engines like google & co, not to protect server vs malicious bots.

#!/bin/bash

# A placer dans /etc/yunohost/hooks.d/conf_regen/
# Site pour tester les headers : https://headers.4tools.net/

##############################################
#Beware, i'm not sure this command is universal. You must test it before. If not, you can find the result with the command ip route, this one must be like 192.168.0.0/24 or similar. Then replace the variable $network_address with it.
#Attention, je ne suis pas certain que cette commande est universelle. Vous devez la tester au préalable. Si ce n'est pas le cas, vous pouvez trouver la réponse avec la commande ip route, celle-ci doit être de la forme 192.168.0.0/24 ou similaire. Remplacez alors la variable $network_address par celle-ci.
network_address=$(awk '{print $1}' <(grep src <(ip route)))
################################################
action=$1
pending_dir=$4
nginx_dir=$pending_dir/../nginx/etc/nginx
nginx_security_conf=$nginx_dir/conf.d/security.conf.inc

[[ $action == "pre" ]] || exit 0
[[ -d $nginx_dir ]] || exit 0
[[ -e $nginx_security_conf ]] || exit 0

echo '
#Gestion des robots
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive, noimageindex, notranslate";
' >> $nginx_security_conf

BruteForce : fail2ban do the job. You can also parse the logs to re-ban previously banned IP (in case the bot try less often than the findtime configured in F2B). See kit/Purge_IP - Purge_IP - Gitea (old and dirty code, review and improve it). Works with GeoIP, you need to modify it if you don’t Geoblock your server.

Edit : you could also take a look at this webpage Don’t waste your server resources: block unwanted bots using Nginx | VPS and dedicated servers - Your true home for websites

loebas · May 4, 2025, 3:21pm

Alright made the changes.

Honestly i dont really understand why i cant just drop a robots.txt in the root of my website via FTP.
But anyways hope this works

loebas · May 5, 2025, 6:42am

I’m here to report that these changes did in fact not work.
Claudebot still aggressivly crawled my website

vthom56 · May 31, 2025, 6:32am

Hi, thanks for help.
Stupid question : how do I rename the hook to place in conf_regen ? Kind of “stop-bots.conf” or something ?

Other stupid question : in a FTP/SSH connection, I can’t access to repertory “yunohost”

|Error:|Directory /etc/yunohost: permission denied
|Error:|Failed to retrieve directory listing|

Kit · May 31, 2025, 9:00am

Access to folder : go sudo or root

Rename : use a name begining with a number and hyphen : 99-filename. Number depends of the order the hooks are launched. Me sure it is executable (chmod +x filename).

vthom56 · May 31, 2025, 3:40pm

Thanks for fast answer, but about the file, I can choose any name and it should work ? Which extension for the file ? .php, .conf, .any-other-thing ?

Kit · May 31, 2025, 8:17pm

No extension needed.

You can choose the name you want (but begining with 2 digits number and a hyphen).

system · June 30, 2025, 8:18pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.