Hello, here's how to reproduce the behaviour that I encountered: 1) Create a context for a certain virtual host, using settings like these: URI: /protected-dir/ Location: protected-dir/ Accessible: Yes Access Allowed: 22.214.171.124 Access Denied: ALL 2) In the general tab of the vhost settings set a custom error page. I am using a 404 page since it is easy to trigger it. Use similar settings according to what you used in the context above: URL: /protected-dir/my404.html 3) Now if you request any non-existing resource from an IP different from 126.96.36.199 you'll get a 403. I was expecting to get my custom 404 since I'm not directly accessing the protected directory. 4) It might be worth noting that if I create a custom file for the 403 error code into the protected directory, and define a custom 403 page like this: URL: /protected-dir/my403.html when I ask for a non-existing resource I still get a 403 but with my custom page. I think that what happens in point 3 should be fixed, since I'm not directly accessing the my404.html file. This is also an inconsistency with the fact that I can access indirectly the my403.html file in the protected directory. Let me know if I should provide more info, thanks.