This article applies to our On-Premise Appliance Filter and Firewall product only, not to Cloud.
The Block page shows when Web Filter policies applied from On-Premise Appliance block access to a website. You can:
- Use the default Block page.
- Create your own custom Block page.
- Import your own custom Block page.
- Redirect users to an external Block page URL.
Image 1: Example default Block page when using filtering from On-Premise Appliance.
Create a new Block page
Option 1: Use the default Block page
The default Block page is already set up and switched on by default.
If you go to Guardian > Block page > Block pages, you’ll see the default Block page in the Block pages table.
- Select the Edit pencil icon to edit the Block page.
Important
You can’t reset the default Block page's out-of-the-box configuration, so you should create a new Block page rather than edit the default.
- The Delete icon is greyed out because there must be at least one Block page.
Option 2: Create your own custom Block page
Basic content
Tip
Any messages can be customised with placeholders to pull in information to display to the user.
- Go to Guardian > Block page > Block pages.
- In the Customize block page section, enter a Name for the block page and a descriptive Comment.
- Select the Manually create contents for block page option.
- Users see the Block message when a site is blocked. You can edit the default message: ‘This content has been blocked because it does not comply with the acceptable usage policy.’
- Users see the Quota message when content is time-limited using a Web Filter quota. You can edit the default message: ‘Your access to the content you have requested is time limited. You have -REMAINING- left.’
- The Quota button label shows on the button users can select to use their time quota to view the content. You can edit the default label: ‘Access the content for -INTERVAL-’.
- The Sub message appears under the You are being blocked banner. You can edit the default message: ‘The request was logged.’.
- You can add your Smoothwall Administrator's email address. If you also select the Email Address checkbox in the Advanced section, users will see a link they can select to send an email to this email address that says ‘Email a request to unblock this page’.
- Select Save or Advanced.
Image 2: Example Block page with the ‘Logged at -DATETIME-’ placeholder in the Sub message field.
Advanced content
Select Advanced to configure further fields:
- Select a custom title or background image to replace the red cross. Select Choose File, find the file and select Upload.
Important
To set your own custom images, ensure Enable custom title image and Enable custom background image are enabled. Unselect these checkboxes to use the default image.
- Custom title image: The default Smoothwall logo is 218 x 35 pixels. To prevent squashing and cut-offs, the image should not exceed this height.
- Custom background image: Ensure the new image has at least 150 pixels of white space at the top, is around 800 pixels wide and has the motif centralised within.
- Select whether to show each of these things on the Block page:
-
Unblock request: You can choose to include a button on the Block page for users to select to fill out a form and request the page be unblocked.
Tip
The email is sent via the same service used for Reports and System or Safeguarding Alerts. Configure your SMTP settings from Reports > Settings > Output Settings.
- Client username: Shows the username of the user being shown the blockpage. If unauthenticated, this will show the client IP address instead.
- Email address: If you have added a Smoothwall Administrator's email address, users will see a link they can select to send an email to this email address that says ‘Email a request to unblock this page’.
- Client IP address: Shows the IP address of the device the user is browsing on.
- Client hostname: Shows the hostname of the device the user is browsing on. If this is not available, the client IP address is shown instead.
- User group the user is matched against to apply filtering for this site.
-
Unblock controls: You can allow certain staff to add a website to a Category. Give access by selecting the Guardian unblock controls checkbox for their Administrator account. On the Block page, the Administrator will need to enter their username and password. They’ll then see:
- A dropdown to select which Category to add the URL or domain to.
- A button to add the full URL to the Category.
- A button to add the domain to the category, excluding everything after the first /.
- Reason for block: This shows a description of why the content was blocked, for example Content of type Gambling (Domain/URL filtering) blocked.
-
Bypass controls: You can choose to allow certain staff to temporarily access the blocked content by entering their username and password on the Block page. Give access by selecting the Guardian temporary bypass checkbox for their Administrator account. On the Block page, the Administrator will need to:
- Enter their username and password.
- Select a button to select the amount of time to bypass filtering for: 1 minute, 5 minutes, 30 minutes, or 1 hour.
Important
- Smoothwall reviews the certificate before authenticating the user. If HTTPS Inspection is on and the site has an invalid certificate, bypass controls are shown on the Block page but can’t be used.
- This feature does not show on the Block page if you have a multi-tenant environment.
- Show URL of blocked page: Displays the URL of the blocked page.
- Categories matched: Displays the list of categories the site matches.
- Enable custom title image: Upload an image to be able to select this. Unselect this to use the default image.
- Enable custom background image: Upload an image to be able to select this. Unselect this to use the default image.
-
Show login button:
- If you want users to log in, keep the default of Non-SSL login or change this to SSL login.
Important
To authenticate users and allow them to log in, you must set up one or more directories and Core Authentication policies. The best match is used. If no directories are set up, this button won’t show even if you enable this setting for your Block page.
- If you don’t want users to log in, select Disable.
- If you want users to log in, keep the default of Non-SSL login or change this to SSL login.
-
Unblock request: You can choose to include a button on the Block page for users to select to fill out a form and request the page be unblocked.
- Select Save.
Option 3: Import a custom Block page
Important
Smoothwall Support can’t build or troubleshoot custom Block pages on your behalf.
- Go to Guardian > Block page > Block pages.
- In the Customize block page section, enter a Name for the block page and a descriptive Comment.
- Select the Import HTML template from zip archive option.
- Select Download the custom block page example to download the template.
- Edit the template.
- Save it in a zip file archive. Ensure all files needed by the custom Block page are included in the zip file and that the archive’s location can be accessed.
- Select Choose File, find the file and select Upload.
- You can add the Administrator's email address to be used with additional configuration of your custom Block page.
Option 4: Redirect users to an external Block page
- Go to Guardian > Block page > Block pages.
- In the Customize block page section, enter a Name for the block page and a descriptive Comment.
- Select the Redirect to block page option.
- Enter the Block page URL.
- Select Save.
Placeholders
You can add placeholders to your Block page messages to pull in different pieces of information. You can also select Download the custom block page example to view these, alongside some example buttons.
This is a full list of the available placeholders - not all will be useful to you:
- -URL- Full URL of the request
- -SHORTURL- Shorter version of the URL, with "..." appended if necessary
- -SERVERIP- Address of the SmoothWall from the client's point of view
- -REASONGIVEN- Reason given to user why the request was denied
- -REASONLOGGED- Reason logged why the request was denied
- -USER- Client username
- -DATETIME- Date and time (server timezone)
- -IP- Client IP address
- -HOST- Client hostname (use of this field causes a name service lookup)
- -FILTERGROUP- Name of the group the user is in
- -RAWFILTERGROUP- Number of the group the user is in
- -CATEGORIES- List of banned categories this page appears in
- -HIDEBYPASS- HTML style attribute value used to hide content when displaying a soft block page
- -SHOWBYPASS- HTML style attribute value used to show content when displaying a soft block page
- -BYPASS- URI to go to to bypass a soft block page
- -HIDEQUOTA- HTML style attribute value used to hide content when displaying a quota block page
- -SHOWQUOTA- HTML style attribute value used to show content when displaying a quota block page
- -SHOWQUOTABUTTON- HTML style attribute value used to control the display of the "use quota" button.
- -REMAINING- The number of minutes of the user's quota time remaining
- -INTERVAL- The duration, in minutes, of the user's quota interval time.
- -QUOTAINFO- Quota info hash to be posted to the quota cgi when starting a new quota interval. Set it as the value of a hidden field called "quotainfo" to achieve this.
- -SSLLOGINURL- SSL login page URL.
- -NONSSLLOGINURL- Non-SSL login page URL.
Edit or delete a Block page
Important
If you delete a Block page used in a Block page policy, the Action column will show Not found, and the default Block page will be used for this policy.
- Go to Guardian > Block page > Block pages.
- Find the Block page in the Block pages table.
- Select the Edit pencil icon to edit the Block page, or select Delete to delete it.
Next steps
Set up Block page policies to decide when your different Block pages should apply.