Skip to main content
kcerb
kcerb
New Member
August 30, 2019
Solved

How to inform client when application filter is blocking a website?

  • August 30, 2019
  • 1 reply
  • 4869 views

Hi,

We have Fortigate with proxy-based inspection mode (FW:5.4.10)

When web-filter module blocks a website, client have information in his browser.

But when application control module blocks a website it is just blank (white) and after a while - this site is unavailable . Is it possible to change it?

 

 

    Best answer by Dave_Hall

    The option for replacement message for HTTP-based App should be enabled by default, at least under 6.0.x.  Then under System/Replacement Messages->edit/customize the "Application Control Block Page" page.  Keep in mind that if the website is on HTTPS (most sites are these days) you may not see the message unless "deep packet" inspection is enabled  - someone may want to chime in here if I'm mistaken on this.

     

    1 reply

    Dave_Hall
    Dave_HallAnswer
    New Member
    August 30, 2019

    The option for replacement message for HTTP-based App should be enabled by default, at least under 6.0.x.  Then under System/Replacement Messages->edit/customize the "Application Control Block Page" page.  Keep in mind that if the website is on HTTPS (most sites are these days) you may not see the message unless "deep packet" inspection is enabled  - someone may want to chime in here if I'm mistaken on this.

     

    kcerb
    kcerbAuthor
    New Member
    September 2, 2019

    Thank you Dave.

    So it's about HTTPS.

    Dave_Hall
    Dave_Hall
    New Member
    September 3, 2019

    The issue is more about getting the popup message to appear - if a site is on HTTPS, so would be the popup warning message. This would be no problem if the fgt is configured for deep packet inspection. 

     

    This KB article was recently posted (in the last 3 months or so) that "may" address this, though it doesn't say for which firmware version it is for, nor if it will work for web-based control apps. 

     

    https://kb.fortinet.com/kb/documentLink.do?externalID=FD37342

     

    kcerb wrote:

    So it's about HTTPS.

    Terms & ConditionsAccessibility statement