Probably the best answer is to add the UserActive column to the list of stored session values. Then you can create another rule for "Logged In but not Active" that looks for the value of that session variable.
Then on each of the restricted pages you could add a check to see if someone is logged in and not active and redirect them back to the login page with failed=3 in the url.