Customize the URL Filtering Response Pages
The firewall provides predefined URL Filtering Response Pages that display by default when a user:
- A user attempts to browse to a site in a category with restricted access.
- A user submits valid corporate credentials to a site for which credential detection is enabled (Prevent Credential Phishing based on URL category).
- Container Pages blocks a search attempt.
However, you can create your own custom response pages with your corporate branding, acceptable use policies, and links to your internal resources.
Custom response pages larger than the maximum supported size are not decrypted or displayed to users. In PAN-OS 8.1.2 and earlier PAN-OS 8.1 releases, custom response pages on a decrypted site cannot exceed 8,191 bytes; the maximum size is increased to 17,999 bytes in PAN-OS 8.1.3 and later releases.
- Export the default response page(s).
- Select DeviceResponse Pages.
- Select the link for the URL filtering response page you want to modify.
- Click the response page (predefined or shared) and then click the Export link and save the file to your desktop.
- Edit the exported page.
- Using the HTML text editor of your choice,
edit the page:
- If you want the response page to display custom information about the specific user, URL, or category that was blocked, add one or more of the supported Table 1.
- If you want to include custom images (such as your corporate logo), a sound, or style sheet, or link to another URL, for example to a document detailing your acceptable web use policy, include one or more of the supported Table 2.
- Save the edited page with a new filename. Make sure that the page retains its UTF-8 encoding. For example, in Notepad you would select UTF-8 from the Encoding drop-down in the Save As dialog.
- Using the HTML text editor of your choice, edit the page:
- Import the customized response page.
- Select DeviceResponse Pages.
- Select the link that corresponds to the URL Filtering response page you edited.
- Click Import and then enter the path and filename in the Import File field or Browse to locate the file.
- (Optional) Select the virtual system on which this login page will be used from the Destination drop-down or select shared to make it available to all virtual systems.
- Click OK to import the file.
- Save the new response page(s).Commit the changes.
- Verify that the new response page displays.From a browser, go to the URL that will trigger the response page. For example, to see a modified URL Filtering and Category Match response page, browse to URL that your URL filtering policy is set to block.
Device > Response Pages
Device > Response Pages Custom response pages are the web pages that display when a user tries to access a URL. You can provide a ...
URL Filtering Response Pages
URL Filtering Response Pages The firewall provides three predefined response pages that display by default when a user attempts to browse to a site in ...
URL Filtering Categories
URL Filtering Categories Select Objects Security Profiles URL Filtering Categories to control access to websites based on URL categories. Categories Settings Description Category Displays the ...
URL Filtering Profile Actions
URL Filtering Profile Actions The URL Filtering profile specifies web access and credential submission permissions for each URL category. By default, site access for all ...
Enable Users to Opt Out of SSL Decryption
Allow users to choose whether they want to continue to a site for which traffic is decrypted or opt out and allow the firewall to ...
URL Filtering The Palo Alto Networks URL filtering solution allows you to monitor and control the sites users can access, to prevent phishing attacks by ...
Prevent Credential Phishing
Prevent Credential Phishing Phishing sites are sites that attackers disguise as legitimate websites with the aim to steal user information, especially the credentials that provide ...
Allow Password Access to Certain Sites
Allow Password Access to Certain Sites In some cases there may be URL categories that you want to block, but allow certain individuals to browse ...
Configure GlobalProtect to Facilitate Multi-Factor Authenti...
Configure GlobalProtect to Facilitate Multi-Factor Authentication Notifications To protect critical applications and stop attackers from using stolen credentials to conduct lateral movement throughout your network, ...