
Content spoofing in error pages

Given the path below, the Sophos Web Application Firewall is returning a not found error, but it displays the requested resource on the page, which opens up the ability to spoof the content with a malicious message. You can see the message in the URL and screenshot below. Is there any way to change the message on the page to remove the URL that is printed to the page?

sitename.com//hack-me.com was not found. Please go to www.hackme.com or contact the admin at hack@me.com. The requested URL

 



This thread was automatically locked due to age.
  • Yes, I'm using the WAF. If that's the case do you recommend that I post in the XG and SG groups?

    I found that I can edit the page shown by adding a custom ErrorDocument in the sites-available config file for the reverse proxy. The only problem is that this file is overwritten on each reboot.

  • Yes, that's not something the swa pp's can help with. Just make sure you include the model and software version in your post.

    (My guess is that template is checksummed, so when you reboot it reverts your changes.) Not sure how or if that's possible to change on the firewall device.
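
To confirm that a replacement error page (such as the custom ErrorDocument mentioned in the thread) no longer echoes the requested path, the check below looks for a canary path in the 404 body in its raw, URL-decoded and HTML-escaped forms. It is an added example, not code from the thread or from Sophos; the canary path, both sample bodies and the function names are constructed for illustration.

```python
import html
from urllib.parse import unquote


def reflected_forms(path):
    """Return the variants of a request path that an error page might echo."""
    decoded = unquote(path)
    forms = {path, decoded, html.escape(path), html.escape(decoded)}
    # Skip trivially short strings such as "/" that would match any HTML page.
    return {f for f in forms if len(f.strip("/")) >= 4}


def reflects_request(path, body):
    """True if the error page body contains the requested path in any form."""
    return any(form in body for form in reflected_forms(path))


# Constructed canary: a unique token plus encoded spaces and angle brackets,
# so both decoding and HTML escaping by the server are covered.
CANARY_PATH = "/reflect-check-51c2%20please%20call%20the%20%3Cadmin%3E"

# Constructed 404 body that echoes the decoded, HTML-escaped request path.
ECHOING_BODY = (
    "<h1>Not Found</h1><p>The requested URL "
    + html.escape(unquote(CANARY_PATH))
    + " was not found on this server.</p>"
)

# Constructed 404 body with fixed text only, as a static error page would give.
STATIC_BODY = "<h1>Not Found</h1><p>The page you requested does not exist.</p>"


def audit(pages):
    """Map each named error page body to whether it reflects the canary path."""
    return {name: reflects_request(CANARY_PATH, body) for name, body in pages.items()}


if __name__ == "__main__":
    results = audit({"echoing": ECHOING_BODY, "static": STATIC_BODY})
    for name, reflected in results.items():
        print(f"{name}: {'reflects request path' if reflected else 'no reflection'}")
```

Because the thread notes that the edited config file is overwritten on each reboot, the same check is worth repeating after a restart to see whether the page has reverted.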