Description
This article describes how to change the login error on Web Filter Block Override. When configuring Authenticate on the FortiGuard Category-Based Filter, it will require the user to authenticate. If the user does not belong to the group that is allowed to access the site based on category, it will show 'Invalid username and/or password'.
Scope
FortiGate.
Solution
FortiGate configuration:
Web filter Profile:
Advertising category set to Authenticate -> Select User Groups: WF_Advertising.
user_advertising is a member of the Group WF_Advertising.
Brokerage and Trading category set to Authenticate -> Select User Groups: WF_Brokerage.
Firewall Policy:
Visit an Advertising Website -> Select Proceed -> Enter username and password user_advertising -> Select Continue -> Website is accessible.
Visit a Brokerage and Trading Website -> Select Proceed -> Enter username and password user_advertising -> Select Continue.
'Invalid username and/or password' is seen even if the username and password are correct. user_advertising is not a member of WF_Brokerage Group thus the website is inaccessible.
The error message can be changed on the replacement Page with JavaScript script.
System -> Replacement Messages -> Extended View -> FortiGuard Web Filtering -> FortiGuard Override Page.
Edit FortiGuard Override Page -> Scroll down -> Copy and paste the script below after the tag '</body>.' -> Select Save.
<script>
const fonts = document.getElementsByTagName('font');
const errorprompt = fonts[0];
let custom_message_here = 'Invalid username and/or password or you are not part of the group that is allowed to access the website category';
console.log(custom_message_here);
errorprompt.innerHTML = custom_message_here;
</script>
Visit a Brokerage and Trading website -> Select Proceed -> Enter username and password user_advertising -> Select Continue.
