Block pages

This page includes:

• Block pages
  • About block pages
  • Triggers for block pages
  • Mode requirements for block pages to be displayed
  • Bypassing block pages
  • Customizing block pages

About block pages

To enhance security, when an end-user uses a browser that is protected by the Browser Extension, various block pages may be displayed to the end-user. The block pages may limit or restrict the end-user's access when the end-user tries to:

• download a file

  - or -

• access a certain URL

Triggers for block pages

The specific triggers for displaying block pages are shown in the table below:

User action	Event that triggers the block page
Downloading a file	The downloaded file is scanned by FortiMail Browser Security and found to be malicious.
	The downloaded file can't be scanned because it is too large, or it is password-protected.
	The downloaded file is blocked by the policy. For details, see Website Rules.
Accessing a URL	The URL is scanned by FortiMail Browser Security and found to be malicious or to be a phishing site.
	The URL is blocked by the policy. For details, see Website Rules.

Mode requirements for block pages to be displayed

Block pages are displayed only if the selected detection mode is either Block or Warn. If the selected detection mode is either Disabled or Silent, no block pages will be displayed. For details on detection modes, see Detection Settings.

Bypassing block pages

There are two types of block pages:

• Block pages that can't be bypassed

• Block pages that can be bypassed

Block pages that CAN'T be bypassed

When the Block detection mode is selected, users are not able to bypass any block pages that appear. Block pages in Block mode prevent the user from accessing the relevant downloaded file or the relevant URL. "Block" website block pages enable users to "report a detection issue." Users can "report a detection issue" when a block page appears for a certain site, but the user believes that the site is safe to visit. After submitting the issue, the user will be not be given access to the site - until the site is approved by the FortiMail Workspace Security IR Team.

Block pages that CAN be bypassed

When the Warn detection mode is selected, users can bypass any block page that appears, in order to access the relevant downloaded file or the relevant URL. Bypassing a block page is recommended only if the user understands the potential risk - or believes that the URL or file is safe. To bypass a block page, users can click the available "bypass link" at the bottom of the block page. For website block pages, the bypass link is typically "visit this unsafe site". "Warn" website block pages also enable users to "report a detection issue." Users can "report a detection issue" when a block page appears for a certain site, but the user believes that the site is safe to visit. After submitting the issue, the user will be given access to the site. The site will be analyzed by the FortiMail Workspace Security IR Team. The IR team may then change the site to being a safe site - depending on the findings of their analysis. When a user chooses to visit a blocked site - by clicking either "visit this unsafe site" or "report a detection issue" - an event will be added to the event log. See Events Page.

For details on the detection modes, see Detection Settings.

Customizing block pages

It is possible to customize block pages. For details, see Custom Messages.

See also: 

• Policies