01-08-2015 02:46 PM - last edited on 03-25-2019 06:15 PM by ciscomoderator
Prior to implementing blocking (FirePower ASA currently set in passive mode), I need to provide a custom block page. Ideally this would include a company logo and some text indicating why the page was blocked. The documentation is somewhat light on the how of doing this (Firesight System User Guide Version 5-3-1) Chapter "Managing Access Control Policies".
Questions:
- How to include a logo file (if possible).
- Is there a URL on the Firesight Appliance (or elsewhere) to test the Block Response Page or Interactive Block Response Page?
---------------------------------
SourceFire Virtual Defence Center (64bit) version 5.3.1
ASA 5525X's running Firepower 5.3.1
Solved! Go to Solution.
01-09-2015 11:29 AM
There is nothing in the Defense Center to test the response. I would just add an access control rule like (src ip: my IP, application:cnn.com) so you can test it from your workstation.
The HTTP Response page is just HTML. There's no GUI or way to upload an image but you really don't need that.
If you're just blocking (not interactive block) you can always just use an HTML redirect to send somebody to an existing page. If your legal team already has a page with all this language you can just redirect there.
Otherwise just enter the HTML code yourself.
If you want to include your logo all you need is a line like:
<img src="http://mycompany.com/logo.jpg">
Just head over to your company's home page and copy the URL of a logo there to use in code like this.
Or include text like this:
<h1>Access Denied</h1>
<p>
<strong>You are attempting to access a forbidden site.</strong></p><br/><br/>
<p>Not judging or anything. Maybe just not at work, okay? Consult your system administrator for details.</p>
01-09-2015 11:29 AM
There is nothing in the Defense Center to test the response. I would just add an access control rule like (src ip: my IP, application:cnn.com) so you can test it from your workstation.
The HTTP Response page is just HTML. There's no GUI or way to upload an image but you really don't need that.
If you're just blocking (not interactive block) you can always just use an HTML redirect to send somebody to an existing page. If your legal team already has a page with all this language you can just redirect there.
Otherwise just enter the HTML code yourself.
If you want to include your logo all you need is a line like:
<img src="http://mycompany.com/logo.jpg">
Just head over to your company's home page and copy the URL of a logo there to use in code like this.
Or include text like this:
<h1>Access Denied</h1>
<p>
<strong>You are attempting to access a forbidden site.</strong></p><br/><br/>
<p>Not judging or anything. Maybe just not at work, okay? Consult your system administrator for details.</p>
03-20-2015 04:06 AM
hi
is it possible to include some info on the block reason to end user in this block page template
like blocked because of category XXX, bad reputation, ...
thanks
03-20-2015 09:17 AM
No, there isn't, sorry.
10-02-2015 07:17 AM
Has there been any updates that would allow this now? I'm in the same scenario where we would like the client to see why they are getting blocked. And which category was causing the block so we can easily identify what, as admins, need to tweak.
Thanks,
10-04-2015 11:12 AM
You can't make it display in the page shown to the end user.
However, if you look in your FireSIGHT Management Center under Analysis, Connection Events; the URL Category for all connections is displayed there.
A simple search (i.e., Action = Blocked and Initiator User = username of end user with the issue) would quickly show the problematic URL and category
02-02-2016 10:34 AM
I am also in the group that would love this feature. Our last web filter had it, and users are starting to get annoyed by not knowing why some things are blocked, creating more helpdesk tickets etc.
It should be a variable that can be inserted into the custom HTML code in the HTTP response page.
05-25-2016 11:35 AM
Add me to the group that would like this feature.
05-29-2016 02:40 PM
Perhaps until the feature is added you could include the brightcloud url in the response, so the user can perform their own url test to see what category they triggered.
01-01-2017 03:04 PM
ohhh, so HTTPS doesnt display that interactive block??! that sucks, i thought i had something misconfigured. that needs to be added most pages nowdays are https..
08-29-2016 12:22 PM
+1 more for me to that group.
06-23-2016 04:42 AM
Hi Team,
We need this feature to ensure that the firewall administrator doesn't always need to check in the logs available in Firesight. Also in case of user in remote locations with access to business websites that will not be that tech savy the categories information will be definitely useful.
Is it a part of roadmap to provide the feature?
06-23-2016 07:49 AM
Hello Team,
If you need to add this as a feature, please contact your accounts team to open a new enhancement request to add in the upcoming versions. Accounts team can open a enhancement request and work with Sourcefire Dev team to get this done.
Rate if this post helps you.
Regards
Jetsy
09-21-2016 12:59 PM
add me to this feature for me i i like.
07-15-2016 01:06 PM
Not specific reason, just a generic response, and who to contact if the user needs resolution.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide