We'd love to hear about it! Click here to go to the product suggestion community
As a new feature in Sophos UTM/SG 9.6 the Webserver Protection (WAF) allows to customize the web pages users see when a page is blocked or intercepted by the WAF.
You can create themes for every type of error page individually or for more than one type. The templates configured in a theme will be rendered and delivered in response to requests that are blocked by the WAF. You can either use the default theme or edit it. If you want to create a new theme, you have to provide a template HTML page and CSS files, JavaScript files, or images if required.
To create a theme, proceed as follows:
To either edit or delete a theme, click the corresponding buttons.
All occurrences of <?assets_path?> will be replaced by the path containing all assets which have been uploaded alongside the theme. This allows for cleaner templates by placing stylesheets, images, etc. outside the actual template, e.g. <link rel="stylesheet" type="text/css" href="<?assets_path?>/stylesheet.css">.
<?assets_path?>
<link rel="stylesheet" type="text/css" href="<?assets_path?>/stylesheet.css">
All occurrences of <?company_text?>, <?admin_message?> and <?admin_contact?> will be replaced by the defined messages, e.g. <p>If you encounter any problems or questions, please contact <b><?admin_contact?></b>.</p>.
<?company_text?>
<?admin_message?>
<?admin_contact?>
<p>If you encounter any problems or questions, please contact <b><?admin_contact?></b>.</p>
All occurrences of <?company_logo?> will be replaced by the path leading to the uploaded image, e.g. <img src="<?company_logo?>" alt="">.
<?company_logo?>
<img src="<?company_logo?>" alt="">
All occurrences of <?reason?> will be replaced by the name of the feature that caused the request to get blocked, e.g. <p>Your request was blocked: <?reason?></p>.
<?reason?>
<p>Your request was blocked: <?reason?></p>
All occurrences of <?reason_extra?> will be replaced by a short explanation what exactly caused the request to get blocked, e.g. <p>Details: <?reason_extra?></p>.
All occurrences of <?uid?> will be replaced by unique identifier of the request, e.g. <p>Request ID: <?uid?></p>. This identifier is also used in the log files.
<?uid?>
<p>Request ID: <?uid?></p>
All occurrences of <?av_direction?> will be replaced by “upload” or “download” depending on the scanning direction. It can be used only in antivirus templates, e.g. <p>Your file <?av_direction?> got blocked by antivirus</p>.
<?av_direction?>
<p>Your file <?av_direction?> got blocked by antivirus</p>
All occurrences of <?path?> will be replaced by the blocked request’s path including its query string, e.g. <p>Your request to <?path?> got blocked</p>. Please note that using this variable is not recommended because it could make your web server vulnerable to reflected content spoofing attacks.
<?path?>
<p>Your request to <?path?> got blocked</p>
Exposing the requested path via the <?path?> variable is considered to be a security risk.
This is a great feature, but I surely miss that I can preview my template, without actually the need to deploy anything unwanted on my web page ;)
In reply to twister5800:
Hello, everybody,according to KB118958, the possibilities described above do not apply to the WAF.For us as a company it is incomprehensible that simple functions such as the display of login problems cannot be done in WAF, especially as this is possible e.g. with a user portal.If a manufacturer like Sophos provides functions like WAF, then this should be done in a proper error handling.We would therefore like to ask Sophos to install these features and make them available!Thanks for helping
wrbrgds
TBC