End-of-Life (EoL)

Device > Response Pages

Custom response pages are the web pages that display when a user tries to access a URL. You can provide a custom HTML message that is downloaded and displayed instead of the requested web page or file.
Each virtual system can have its own custom response pages.
Custom response pages larger than the maximum supported size are not decrypted or displayed to users. In PAN-OS 8.0.11 and earlier releases, custom response pages on a decrypted site cannot exceed 8,191 bytes; the maximum size is increased to 17,999 bytes in PAN-OS 8.0.12 and later PAN-OS 8.0 releases.
The following table describes the types of custom response pages that support customer messages.
Custom Response Page Types
Antivirus Block Page
Access blocked due to a virus infection.
Application Block Page
Access blocked because the application is blocked by a Security policy rule.
Captive Portal Comfort Page
The firewall displays this page so that users can enter login credentials to access services that are subject to Authentication policy rules (see Policies > Authentication). Enter a message that tells users how to respond to this authentication challenge. The firewall authenticates users based on the
Authentication Profile
specified in the authentication enforcement object assigned to an Authentication rule (see Objects > Authentication).
You can display unique authentication instructions for each Authentication rule by entering a
in the associated authentication enforcement object. The message defined in the object overrides the message defined in the Captive Portal Comfort Page.
File Blocking Continue Page
Page for users to confirm that downloading should continue. This option is available only if Continue functionality is enabled in the security profile. Select Objects > Security Profiles > File Blocking.
File Blocking Block Page
Access blocked because access to the file is blocked.
GlobalProtect Portal Help Page
Custom help page for GlobalProtect users (accessible from the portal).
GlobalProtect Portal Login Page
Page for users who attempt to access the GlobalProtect portal.
GlobalProtect Welcome Page
Welcome page for users who attempt to log in to the GlobalProtect portal.
MFA Login Page
The firewall displays this page so that users can respond to multi-factor authentication (MFA) challenges when accessing services that are subject to Authentication policy rules (see Policies > Authentication). Enter a message that tells users how to respond to the MFA challenges.
SAML Auth Internal Error Page
Page to inform users that SAML authentication failed. The page includes a link for the user to retry authentication.
SSL Certificate Errors Notify Page
Notification that an SSL certificate has been revoked.
SSL Decryption Opt-out Page
User warning page indicating that the firewall will decrypt SSL sessions for inspection.
URL Filtering and Category Match Block Page
Access blocked by a URL filtering profile or because the URL category is blocked by a Security policy rule.
URL Filtering Continue and Override Page
Page with initial block policy that allows users to bypass the block. For example, a user who thinks the page was blocked inappropriately can click
to proceed to the page.
With the override page, a password is required for the user to override the policy that blocks this URL. See the URL Admin Override section for instructions on setting the override password.
URL Filtering Safe Search Enforcement Block Page
Access blocked by a Security policy rule with a URL filtering profile that has the
Safe Search Enforcement
option enabled.
The user sees this page if a search is performed using Bing, Google, Yahoo, Yandex, or YouTube and their browser or search engine account setting for Safe Search is not set to strict. The block page will instruct the user to set the Safe Search setting to strict.
Anti Phishing Block Page
Displays to users when they attempt to enter valid corporate credentials (usernames or passwords) on a web page for which credential submissions are blocked. The user can continue to access the site but remains unable to submit valid corporate credentials to any associated web forms.
Select Objects > Security Profiles > URL Filtering to enable credential detection and control credential submissions to web pages based on URL category.
Anti Phishing Continue Page
This page warns users against submitting corporate credentials (usernames and passwords) to a web site. Warning users against submitting credentials can help to discourage them from reusing corporate credentials and to educate them about possible phishing attempts. Users see this page when they attempt to submit credentials to a site for which the
User Credential Submission
permissions are set to
(see Objects > Security Profiles > URL Filtering). They must select
to enter credentials on the site.
You can perform any of the following functions for
Response Pages
  • To import a custom HTML response page, click the link of the page type you would like to change and then click import/export. Browse to locate the page. A message is displayed to indicate whether the import succeeded. For the import to be successful, the file must be in HTML format.
  • To export a custom HTML response page, click
    for the type of page. Select whether to open the file or save it to disk and, if appropriate, select
    Always use the same option
  • To enable or disable the
    Application Block
    page or
    SSL Decryption Opt-out
    pages, click
    for the type of page. Select or deselect
    , as appropriate.
  • To use the default response page instead of a previously uploaded custom page, delete the custom block page and commit. This will set the default block page as the new active page.

Recommended For You