Http Proxy: Deny Message - Watchguard Firebox X15 User Manual
Firebox x edge e-series version 10 all firebox x edge e-series standard and wireless models
Hide thumbs
Also See for Firebox X15:
- User manual (266 pages) ,
- Quick start manual (2 pages) ,
- Reference manual (264 pages)
Table of Contents
Advertisement
HTTP responses: General settings
When the remote HTTP server accepts the connection request from the HTTP client, most browser status bars
show, "Site contacted. Waiting for reply..." Then the HTTP server sends the appropriate response to the HTTP
client. This is usually a file or series of files. The proxy uses valuable network resources to monitor the network
connection to the web server. It could become necessary to limit or expand how the proxy policy uses these
resources in your network.
Timeout
This setting controls how long the HTTP proxy waits for the web server to send the web page. The idle
timeout makes sure that the proxy can use the network resources after the timeout expires. The
default value is 10 minutes.
Maximum line length
This setting controls the maximum allowed length of a line of characters in the HTTP response
headers. The maximum line length limit prevents buffer overflow attacks.
HTTP proxy: Deny message
The Firebox gives a default deny message that replaces the content that is denied. You can replace that deny
message with one that you write. You can customize the deny message with standard HTML. You can also use
Unicode (UTF-8) characters in the deny message. The first line of the deny message is a component of the
HTTP header. You must include an empty line between the first line and the body of the message.
You get a deny message in your web browser from the Firebox when you make a request that the HTTP proxy
does not allow. You also get a deny message when your request is allowed, but the HTTP proxy denies the
response from the remote web server. For example, if a user tries to download an .exe file and you have
blocked that file type, the user sees a deny message in the web browser. If the user tries to download a web
page that has an unknown content type and the proxy policy is configured to block unknown MIME types, the
user sees an error message in the web browser. You can see the default deny message in the Deny Message
field. To change this to a custom message, use these variables:
%(transaction)%
Puts Request or Response to show which side of the transaction caused the packet to be denied.
%(reason)%
Puts the reason the Firebox denied the content.
%(method)%
Puts the request method from the denied request.
%(url-host)%
Puts the server host name from the denied URL. If no host name was included, the IP address of the
server is given.
%(url-path)%
Puts the path component of the denied URL.
User Guide
Proxy Settings
131
Hide quick links:
Advertisement
Table of Contents
