Customize error pages
Error pages appear when a user violates SIA policy. For example, when a user attempts to access content that is blocked by the AUP or attempts to access a blocked domain or IP address. An error page warns users that website access is prohibited and a violation occurred.
The first time a policy is deployed with a Block action and an Error Page response, it may take up to 30 minutes for the error page to appear to the user.
SIA includes error pages that you can customize the appearance of or you can select to show error pages that are hosted by your organization.
For a complete list of settings that you can modify in SIA error pages, see Error page customization. To use a hosted error page instead of SIA error pages, see Use a hosted error page.
Error pages appear in the language that is associated with the end-user's browser. These pages are translated by the browser.
Know the following:
- If you deployed ETP Client, a custom or hosted error page does not appear to end users who make requests from unidentified IP locations. Instead, the users see the Website Access Prohibited message without any customization.
- If you configure a DNS Only policy, users who access blocked HTTPS websites will see a browser error page instead of a SIA error page. To show a SIA error page, make sure you set up SIA Proxy and select DNS + Proxy as the policy type.
If you choose to use SIA error pages, these error pages are available:
- Website Access Prohibited
- Threat Website Warning
- Acceptable User Policy Violation
- Error Warning
- User Authentication Error
Website Access Prohibited
This page warns that the website has been blocked based on the organization’s policy. The error page also indicates what URL was blocked.
This error page appears in these situations:
When a user from an Unidentified IPs location attempts to access a domain that may be a security risk. These users are typically remote users who access content from IP addresses that are not already configured as locations in SIA.
When SIA proxy is disabled and malicious HTTP or HTTPS traffic is directed to Enterprise Security Connector version 2.5.0.
Threat Website Warning
This message appears when a user attempts to access a domain that is a known or suspected threat. If the proxy is enabled, these error pages also appear for malicious HTTP or HTTPS traffic. The message is specific to the threat type. For example, any one of these warnings may appear on this page:
Phishing Website Warning. Appears when a user attempts to access a domain that is known or suspected to perform phishing attacks.
Malware Website Warning. Appears when a user attempts to access a domain that is known to host malware.
C&C Website Warning. Appears when a user attempts to access a domain that is known to perform C&C communications.
Regardless of threat type, the error page also shows what URL was blocked.
Acceptable User Policy (AUP) or Application Visibility and Control (AVC) Violation
This message appears when a user violates the AUP or AVC settings in a policy. The message indicates which AUP or AVC category was violated. It also shows what URL was blocked.
If a file is blocked as a result of a DLP configuration, this message appears:
An error message similar to this one appears when SIA or SIA Proxy cannot connect to the requested website. This may occur in any of these situations:
Connectivity issue to the origin website.
TLS certificate issue. This includes cases where SIA Proxy cannot validate an origin certificate. If an SIA administrator chooses to block origin certificates that cannot be verified, this error page appears to the user.
Unknown user or group attempting to access a website.
The blocked URL is shown in the error page.
Depending on the situation, the error message may differ. For example, this error message appears when there is an issue with the TLS certificate:
The blocked URL is shown on the error page.
User Authentication Error
If authentication is enabled and configured in an acceptable use policy, this error message appears when a user enters invalid credentials to access a website.
The blocked URL is shown on the error page.
Error page customization
If you choose to use SIA error pages instead of an error that is hosted by your organization, you can modify these areas of the SIA error pages:
Logo. Area at the top-left of the page that is reserved for the logo image. You can upload an image in JPEG or PNG format.
Title. Title header of the page that indicates website access is prohibited. You can select the background color and the color of the text. You can also modify the font, font size, and style of the text.
Message Area. Area of the page that is reserved for:
The reason or cause of the error
The category associated with the error
A message and explanation
IT help desk contact information such as the email, phone, and the ticket URL
In this area of the page, you can:
Modify the color, font, font size, and font style of the text.
Select a background color for the message.
Enter the IT email address, phone number, and ticket URL.
Show or hide the IT email address, phone number, or ticket URL.
Window Background. Setting where you can select the background color of top and bottom of the page where no text is provided. You can also select whether you want to show the corner image.
Any modification you make to these areas impacts all error messages. For example, if you modify the font style of the message, the message in all of the error pages then uses the new font style.
Change the appearance of SIA error pages
If you're an Secure Internet Access Enterprise administrator, you can configure the appearance of SIA error pages. An error page appears when a user attempts to go to a website that violates access control settings or is a known or suspected malware, phishing, or C&C communication security threat. Error pages appear for known or suspected domains that are configured in the policy with a Block action and the Error Page response. For details, see Error page customization.
Any modification that you make to an element or item of an error page is applied to all SIA error pages. For example, if you select a specific font for the message that is provided in an error page, all error pages use that font for the message.
To change the appearance of error pages:
In the Threat Protection menu of Enterprise Center, select Policies > Error Pages.
To upload a logo, click the Upload File and locate the image that you want to upload.
To modify the Title heading:
Navigate to the Title area.
For the background color, click the color swatch and select the color that you want from the provided palette.
To format the heading text, click the link that shows font style and formatting currently applied to the title, and in the toolbar that appears, select a new font, font size, or font format.
To modify the background color of the message area:
In the Message Area, go to the swatch that is associated with the background color.
Click the color swatch and select the color that you want from the provided palette.
To modify the text color and formatting associated with the Reason, Category, Explanation, or Communication parts of the message:
To change the background color of the message area items, click the associated color, and select the color that you want from the provided palette.
To format the text associated with an item in the message area, click the link that shows the applied font style and format, and in the formatting bar that appears, select a new font, font size, and font style as needed.
Repeat step 5a and 5b for each message area item you want to modify.
To show or hide communication information on the error pages:
To show the Mail, Phone, or Ticket information, ensure that the fields are selected.
To hide the Mail, Phone, or Ticket information, deselect the field.
To enter communication information for your IT help desk:
In the Mail field, enter an email address.
In the Phone field, enter a phone number.
In the Ticket field, enter the ticket URL.
To modify the background color of the top or bottom of the error page:
To modify the top of the page, for the gradient, click the color swatch and select a color from the provided palette.
To modify the bottom of the page, for the gradient, click the color swatch and select a color from the provided palette.
To show a corner image at the bottom right-hand side of the page, select Display Corner Image.
To restore the default settings of the error pages, click Back to Default.
Use a hosted error page
If your organization maintains its own error pages, you can choose to show users a hosted error page instead of SIA error pages. When you enable this feature, users are redirected to the hosted error page for all blocked websites.
To use a hosted error page:
In the Threat Protection navigation menu, select Policies > Error Pages.
Enable Self Hosted Error Page.
In the provided field for the host, enter the URL where your organization hosts the error page.
Parameters in an error page URL
While an error page indicates that access is denied to a website, the URL of the page also provides additional information to your users and help desk administrators. This information includes the error type, host or URI that the user attempted to access, the type of error that occurred, and more. These parameters are available in the URL of SIA error pages and in the URL of the error page that's hosted by your organization.
The parameters in the URL may look like this:
This error page URL includes the configuration ID, the specific threat category, domain that the user tried to access, the source IP address, and the reason why access was denied.
Depending on the error, these parameters may appear in the error page URL:
|lang||Language that's displayed for the error page|
|category||Shows the category that was blocked. One of these values may appear for this parameter: |
|class||Values that show additional details about the category. When a category is THREAT, the class parameter value includes three numerical values (for example, &class=1-2-3), where the middle numerical value represents the specific category ID. The category ID maps to these threat categories:|
When the category is either AUP or CONTROL, the class parameter provides more details on the reason for the block. If the value is a numeric ID, this is the specific AUP or access control category ID that caused the block action. For more information on these IDs, see AUP and Access Control Category IDs.
If the category is ERROR, the error_type parameter will show the specific value.
|error_type||Type of error that occurred. Possible values for this parameter include: |
|code||If error_type information is provided, a code also appears with more specific information. Any one of these codes can appear: |
|unauthenticated_reason||Indicates why an authentication failure occurred. Any of these reasons may appear: |
|hashThatCausedBlock||The hash value of the file that was blocked.|
|host||Host that user attempted to access.|
|uri||URI that user attempted to access.|
AUP and Access Control Category IDs
In a class parameter (for example, &class=1-2-3) of an error page URL, the middle numerical value represents the specific category ID. These numerical values map to the category ID that’s associated with AUP and access control operation categories.
For more information on AUP categories, see Acceptable use policy categories.
|Numeric ID||AUP Category or Access Control Operation Category|
|18||Paying and Transferring Money|
|23||Financing & Investing|
|34||Forums & Message Boards|
|37||Personals & Dating|
|49||Nudism & Naturism|
|53||Peer to Peer|
|73||Business & Economy|
|81||Entertainment & Arts|
|83||Hunting & Fishing|
|84||Recreation & Hobbies|
|86||Image & Video Search|
|87||Fashion & Beauty|
|88||News & Media|
|90||Cult & Occult|
|92||Training & Tools|
|95||Reference & Research|
|101||Home & Garden|
|102||Online Greeting Cards|
|103||Computer & Internet Security|
|104||Computer & Internet Info|
|105||Keyloggers & Monitoring|
|107||Shareware & Freeware|
|108||Pay to Surf|
|111||Spyware & Adware|
|112||Content Delivery Networks|
|113||Confirmed Spam Sources|
|120||Productivity and CRM Tools|
|121||Sales and Marketing|
|122||System & Development|
|123||Collaboration and Online Meetings|
|124||General Internet (News, Utilities, Misc)|
|127||Individual Stock Advice & Tools|
|128||Child Abuse / Exploitation|
Updated about 1 month ago