Attempting to trap the exploit hunters

I am trying to trap exploit hunters who make HTTP requests on IP address only, with requests for the likes of thisdoesnotexistahaha.php, etc.

I always thought that the first listed Apache virtual host would pick up all the waifs and strays, and when I was using a straight redirect, this seemed to be the case.

However, I am now trying to redirect to a bit of Perl that will read in the requested URI (as query string), do PTR and WHOIS lookups, record in a database, phone the Pentagon, etc. (See: http://www.smiffysplace.com/files/mwahahahaha)

It isn't working, and I can't figure out why. When I try to make an illegal access, I just get:

Forbidden

You don't have permission to access /thisdoesnotexistahaha.php on this server.

…which would tend to indicate that the re-write simply isn't happening.

Relevant parts of Apache config:

NameVirtualHost *

#
# Catch and log stuff that shouldn't happen.
#
 <virtualhost *="">ServerName lostsouls.xxxxxxx.xxxxxxx
        ServerAdmin admin@xxxxxxx.xxxxxxx
        ScriptAlias /lostsouls/ "/usr/www/lostsouls/"
        RewriteEngine On
        RewriteRule . /lostsouls/mwahahahaha$1 [L]</virtualhost> 

 <directory usr="" www="" lostsouls="">Order deny,allow
        Allow from all</directory>