Can users be redirected to a block page hosted on a different server?
Web Security and Filter, Web Security Gateway Anywhere, Websense Enterprise
5.5, 6.1, 6.2, 6.3, 7.0, 7.1, 7.5, 7.6
Can users be redirected to a block page hosted on a different server? Is it possible to hide the identity of the Websense machine (make it look as though the block page is coming from another machine)?
Options are available to hide the identity of the Websense machine. You may:
- Change the content displayed in the top frame of a block page
- Modify the hosts file to make the block page appear to be coming from another machine
- Substitute a page on another server for the entire block page
|NOTE||You can either create new, custom block messages or block pages, or modify the default block pages. For details, see the Websense Web Security Suite and Websense Enterprise Administrator's Guide, or the Websense Manager Help system.|
Change the message displayed in the top frame of a block page
- In Websense Manager, go to Server > Settings > Block Messages.
- Select http from the Select a protocol to view/edit settings drop-down list.
- Select the Alternate URL radio button, and then enter the path to the HTML file that contains the custom block message. The contents of the alternate HTML file will appear in the top portion of the block page.
|NOTE||To go back to using the default HTML file, customized or not, select the Filtering Services radio button.|
- If you want the alternate message to appear in block pages for all protocols, repeat step 3 for the other protocols available in the Select a protocol to view/edit settings list.
- Click OK.
- Click Save Changes.
Modify the hosts file to make the block page appear to be coming from another machine
- Use Windows Explorer to navigate to the \Windows\system32\drivers\etc directory.
- Use a text editor (such as Notepad) to open the open the hosts file:
# Copyright (c) 1993-1999 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# 126.96.36.199 rhino.acme.com
# source server
# 188.8.131.52 x.acme.com
# x client host
- Save a backup copy of the hosts file in another directory.
- Add a new line at the end of the file, and then enter the machine's IP address, followed by a fictitious host name. For example:
127.0.0.1 localhost10.104.0.38 FakeHostName
- Save your changes. Make sure that the text editor does not add a file extension to the file name. (By default, Notepad adds a ".txt" extension when saving files.)
Substitute the entire block page for a page hosted on another server
To point the block page to another machine, you must edit the eimserver.ini file. When you configure Websense software to use a block page on another machine, the URL redirect no longer includes the name or IP address of the Websense machine. For example, the user's browser normally shows a URL like the following when a block page is displayed:
This URL identifies the server as being located at 10.104.0.38. If you do not want to disclose the location of the host machine, pointing to block pages on another machine is one solution.
When you point to block pages on another server, you lose the functionality associated with block page buttons (used for the Continue, Use Quota Time, and Password Override options). If you use only the block and permit filtering options in your policies, this doesn't present any problems. To preserve the option to use the More Information link, and the Use Quota Time, Go Back, Continue, and Password Override buttons, use the host name masking option described in the previous section.
Before configuring Websense software to point to a block page on another machine, place the default or edited block pages on the new host machine. When the HTML files are in place, edit the eimserver.ini file on the Websense machine:
- Stop all Websense services. (Detailed instructions for Windows, Solaris, and Linux are available in the KB article "How do I start, stop, and/or restart Websense services?", linked below.)
- Navigate to the Websense bin directory (C:\Program Files\Websense\bin or /opt/websense/bin, by default).
- Save a backup copy of the eimserver.ini file in another directory.
- Open the eimserver.ini file in a text editor, and locate the [WebsenseServer] (at the top of the file).
- Enter one of the following below the [WebsenseServer] entry:
Substitute the correct Web server host name for <www.domain.com>.
- UserDefinedBlockPage=http://<IP address>
Substitute the IP address of the host machine for <IP address>.
Note: The protocol portion of the URL (http://) is required.
- Save the file and close the text editor.
- Restart the Websense services as described in the KB article referenced in step 1.
When the services have started, users receive the block page hosted on the new machine.
Notes & Warnings
Additional Problems and Search Terms: Websense Filter Sirius Radio & Microsoft Support being blocked, User blocked when policy set to allow category
- For version 7.6 and later, the default directory for new installs is 'C:\Program Files\Websense\Web Security\' (32-bit machines) or 'C:\Program Files (x86)\Websense\Web Security\' (64-bit machines). The directory for upgrades to 7.6 is C:\Program Files\Websense\.
- While this article was written for Websense Filtering versions 6.3 and earlier, the suggestions may be applied to later versions. However, some service names and paths specified in this article differ in later versions of Webse.