Differentiating between an Error and a URL Filtering Block for Customizing the User Experience

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Differentiating between an Error and a URL Filtering Block for Customizing the User Experience

L3 Networker

Hello,

    I am working on customizing the user experience on the PAN's that we are installing.  I would like to be able to have a different look and feel when an "error" occurs rather than when a website is blocked because of the content (ie the website is a category that we block).

    I have read the Tech Note on Customizing Block Pages (rev 00B).  I have set up URL Block pages that handle different categories.  The situation I am talking about is when the user types the URL incorrectly resulting in a DNS error or the website isn't "quite" up and results in a time-out.   I want to trigger on the errors and give a different page for the errors.

   I reviewed the forums in KnowledgePoint but didn't see anything...

   Any ideas?

Thanks

Art

1 REPLY 1

L6 Presenter

So what you want to do is to act on http errors?

That case should be able to be handled with a custom threat where you act on the http response code and if not 200 (or the other good codes) it should trigger.

Then in your custom block page for threats you set it up so the threat name is visible (if possible) and give your custom threat a good to explain what happend to the client.

However in my opinion you shouldnt do this. Some webservers have their own error pages which would break that "user experience" if you start to manipulating the results.

Also im not sure if you can do the same for dns errors because the flow which then would be blocked with above method doesnt handle http block pages (block pages only works for http traffic - I think previously one could see (if running tcpdump) that PA device would send blockpages even for smtp traffic and such but those flows cannot handle the html code which comes flying for obvious reasons 🙂

A better option would be to use a webproxy for this - then you can better configure various error pages depending on if the dns entry is missing or any other http related error: http://www.squid-cache.org/Support/products.html

A workaround would be if the clients webbrowsers have various errorpages you can manipulate (like if you GPO's in a AD or such).

  • 1355 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!