Block pages

This page includes:

About block pages

To enhance security, when an end-user uses a browser that is protected by FortiMail Browser Security, various block pages may be displayed to the end-user. The block pages may limit or restrict the end-user's access when the end-user tries to:

download a file

- or -
access a URL

Origins of block pages

Block pages may have either of the following origins:

Website detection settings
Website rules

For an introduction to these origins, see About website access.

Triggers for block pages

The user actions [events] that trigger block pages to be displayed are shown in the table below:

User action	Event that triggers the block page	Origin	Page background color
Downloading a file	The downloaded file is scanned by FortiMail Browser Security and found to be malicious.	Website detection setting	Red
	The downloaded file can't be scanned because it is too large, or it's password-protected.	Website detection setting	Red
	The downloaded file is blocked by a website rule in the user's policy. For details, see Website Rules.	Website rule	Gray
Accessing a URL	The URL is scanned by FortiMail Browser Security and found to be malicious or to be a phishing site.	Website detection setting	Red
Accessing a URL	The URL is blocked by a website rule in the user's policy. For details, see Website Rules.	Website rule	Gray

Requirements for detection block pages to be displayed

Detection block pages are displayed only if the configured website detection mode or file detection mode is either Block or Warn. If the configured detection mode is either Disabled or Silent, no detection block pages will be displayed. For details on detection modes, see Detection Settings.

Bypassing block pages

There are two types of block pages:

Block: Block pages that can't be bypassed
Warn: Block pages that can be bypassed

Block

Block pages that CAN'T be bypassed

When the Block detection mode is configured, users are not able to bypass any block pages that appear. Block pages in Block mode prevent the user from accessing the relevant downloaded file or the relevant URL.

Website block pages enable users to click "Show Details" and then "report a detection issue." Users can "report a detection issue" when a block page appears for a certain URL, but the user believes that the URL is safe to visit. After submitting the detection issue, the URL will be analyzed by the FortiMail Workspace Security IR Team. The user will be not be given access to the URL until it is approved by the FortiMail Workspace Security IR Team.

Warn

Block pages that CAN be bypassed

When the Warn detection mode is configured, users can bypass any block page that appears, in order to access the relevant downloaded file or the relevant URL. Bypassing a block page is recommended only if the user understands the potential risk - or believes that the URL or file is safe.

When a user clicks "Show Details", 2 by-pass options are displayed:

Report a detection issue: Users can "report a detection issue" when a block page appears for a certain URL, but the user believes that the URL is safe to visit.

After submitting the issue, the user will be given access to the URL. The URL will be analyzed by the FortiMail Workspace Security IR Team. The IR team may then change the URL to being a safe URL - depending on the findings of their analysis.

Visit this unsafe site: To bypass a block page, users can click the available "bypass link" at the bottom of the block page. For website block pages, the bypass link is typically "visit this unsafe site".

When a user chooses to visit a blocked URL - by clicking either "visit this unsafe site" or "report a detection issue" - an event is added to the event log. See Events Page.

For details on the detection modes, see Detection Settings.

Customizing messages in detection block pages

It is possible to customize some of the messages that appear in detection block pages. For details, see Custom messages.