Block pages

This page includes:

• Block pages
  • About block pages
  • Origins of block pages
  • Triggers for block pages
  • Requirements for detection block pages to be displayed
  • Bypassing block pages
  • Customizing messages in detection block pages

About block pages

To enhance security, when an end-user uses a browser that is protected by FortiMail Browser Security, various block pages may be displayed to the end-user. The block pages may limit or restrict the end-user's access when the end-user tries to:

• download a file

  

  - or -

• access a URL

  

Origins of block pages

Block pages may have either of the following origins:

• Website detection settings

• Website rules

For an introduction to these origins, see About website access.

Triggers for block pages

The user actions [events] that trigger block pages to be displayed are shown in the table below:

User action	Event that triggers the block page	Origin
Downloading a file	The downloaded file is scanned by FortiMail Browser Security and found to be malicious.	Website detection settings
	The downloaded file can't be scanned because it is too large, or it's password-protected.	Website detection settings
	The downloaded file is blocked by a website rule in the user's policy. For details, see Website Rules.	Website rules
Accessing a URL	The URL is scanned by FortiMail Browser Security and found to be malicious or to be a phishing site.	Website detection settings
	The URL is blocked by a website rule in the user's policy. For details, see Website Rules.	Website rules

Requirements for detection block pages to be displayed

Detection block pages are displayed only if the configured website detection mode or file detection mode is either Block or Warn. If the configured detection mode is either Disabled or Silent, no detection block pages will be displayed. For details on detection modes, see Detection Settings.

Bypassing block pages

There are two types of block pages:

• Block: Block pages that can't be bypassed

• Warn: Block pages that can be bypassed

Block Block pages that CAN'T be bypassed

When the Block detection mode is configured, users are not able to bypass any block pages that appear. Block pages in Block mode prevent the user from accessing the relevant URL or the relevant downloaded file. Users can request to have the web-page re-evaluated when a block page appears for a certain URL, but the user believes that the URL is safe to visit. After requesting the re-evaluation, the URL will be analyzed by the FortiMail Workspace Security IR Team. The user will be not be given access to the URL until it is approved by the FortiMail Workspace Security IR Team.

Warn Block pages that CAN be bypassed

Malicious URLs When the Warn detection mode is configured, users can bypass any block page that appears, in order to access the relevant URL. Bypassing a block page is recommended only if the user understands the potential risk - or believes that the URL is safe. Two by-pass options are displayed: Request a re-evaluation of the page rating: Users can "request a re-evaluation of the page rating" when a block page appears for a certain URL, but the user believes that the URL is safe to visit. After submitting the issue, the user will be given access to the URL. The URL will be analyzed by the FortiMail Workspace Security IR Team. The IR team may then change the URL to being a safe URL - depending on the findings of their analysis. Continue to web page: To bypass a block page, users can click the available "bypass link" at the bottom of the block page. For website block pages, the bypass link is "Continue to web page" [by default]. Note: When a user chooses to visit a blocked/warned URL - by clicking "Continue to web page" - an event is added to the event log. The event has the following Activity text: "User bypassed warning about unsafe site". When a user chooses to visit a blocked/warned URL - by clicking "To have the rating of this page re-evaluated" - an event is added to the event log. The event has the following Activity text: "User reported detection issue". See also: Events Page Malicious download files When the Warn detection mode is configured, users can bypass any block page that appears, in order to access the relevant downloaded file. Bypassing a block page is recommended only if the user understands the potential risk - or believes that the file is safe.

For details on the detection modes, see Detection Settings.

Customizing messages in detection block pages

It is possible to customize some of the messages that appear in detection block pages. For details, see Custom messages.

See also: 

• Policies