It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda WAF-as-a-Service
Overview Documentation Training Certification Materials

Response Pages

  • Last updated on

When a visitor to your application breaks certain types of violations, you can display a specific, customized response page. You can display a message, challenge them with CAPTCHA, or display a block page to completely block the client from accessing your application. 

After the response pages are created, you can specify the response pages to display for different responses in the Violation Responses > Response Policies component. For more details, refer to Violation Responses - Response Policies.

Custom Response Page

Response pages are specific to each of your applications. 

You can modify an existing response page or create a new page, using either straight code or with the visual editor.

Creating a Custom Response Page

Important: When editing the response pages for CAPTCHA related pages, note that the captcha.gif, captcha_resp, and captcha_resp_txt are internally recognized hard coded resources and should not be changed for the CAPTCHA functionality to work properly.

Notes:

  • Be sure to preview your custom response page before deploying to ensure everything is correct.
  • If you are altering an default response page and make a mistake in the visual editor, click Reset to Default to reset the page to its original values.

To create a new response page:

  1. Within Barracuda WAF-as-a-Service, open the appropriate application.
  2. Navigate to Response Pages
  3. Click Add Response Page.
  4. Chose whether you want to edit the page in a visual, WYSIWYG editor or use code. 
  5. Specify the content of your page.  
  6. Optionally insert special values to enhance the page. Enter the code directly or, in the visual editor, click Special Values, then click the name of the value to insert into your editing space. You can place it wherever you want in your response page. Special values include: 
    • %action-id – the ID of the Violation Attack, causing this page to display
    • %attack-name – Name of the violation, like Header Count Exceeded or Brute force from IP. 
    • %attack-time – Time the violation occurred, in local time. 
    • %client-ip – IP address of the client request that caused the violation
    • %host – Host header that sent the request
    • %log-id – Unique ID of the firewall log entry for this violation
    • %s – URL of the request that caused this violation
  7. Optionally add special characters, like trademark and copyright marks, using the following HTML code:
    • ® – ®  Registered 
    • ™ – ™   Trademark 
    • © – ©  Copyright 

  8. Optionally add your organization's logo to the top of the page. Click Set Logo to upload and add your logo image.

    The combined size of the logo image and any other images must total 50kb or less. 

  9. Optionally embed one or more images in the response page. The image size must be 12kb or less. 
    • Convert the image to base64 using a utility such as openssl. For example: 
      openssl base64 -in barracuda.jpg -out barracuda-jpg.b64
      Note that you can also use an online tool such as https://www.base64encoder.io/image-to-base64-converter/ 

    • Embed the base64 encoded image into the HTML with the img tag. For more details, refer to  https://www.w3docs.com/snippets/html/how-to-display-base64-images-in-html.html.
      For example, this will insert the Barracuda Networks logo:

      <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFoAAABDCAYAAAAccRJRAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAU3SURBVHhe7ZxJiCRFGIXjTzyIy4gyjuDFFS9udI8ibnhQDyqKCyiiJ1FwARm89LR6c7CqxRXcUERcEA+iDMqAKDLgXFy6CtTLIDgHkRFFxVEZUOjfl1mvuyu7MrMiMyOisrryO3S+v+ims1//9SIyMrJEVU2LP2Sp94ZRc2NrtCdg8Iv4el+sdWFOWqMdI93eHiNyDcvE5PjYGu0IGLwPBl/KMmHV5JiIx5aKSHf5XVnq60aTYfMLFAltR1dEOr0njZgHYPCRfGkd1T26c/46Vgmt0SWRbn8XnHwQBh/Ll9Ko9mDydlZrtEaXADl8KNfgGNUDMPl0Vilaoy3AVO0Avp7KMhvVP2DyCaxGaI0uADGxGzl8A8tChmcYWbRG54CY+AsxcQzLQsaZHNNO7zYAg7/gdM3KZNj8HEUhbUcTmPsYDo8OKktUP0UuX82qkNZogDlxz0Qyx9KOghlGFjNvdBITZVE9DJOPYmXFzBqdtTZhi83gt5GZHAx54VHJZKPmZapSzFRHY178EubF97Isj658ozu3n8+qFDNjNLp4GV08z7I8qv8gly2nfKPMhNGMivw1Cguq5PIwmzqjERVP8eKjlsngQx4rs2k7Gl28FwZfwbI6qocQGcexqsymNBqd/D0GvTNZ1qJuZKySGx042UrTmEmDTv7dlcno5o+oalOQ0XorxdQAk/9DXBzPsh6qfyMyrmdVm3yjXZ1wAPDu28VB7wi+VBuYXHcATZFptHR6T1A2Hun0X0NUPMLSDapfUjkju6PFXEvVaGRp+S38BXexdAa6+SJKZ+QYLWdTNRa8697H6d/J0h2qHSqnFAyGzSXetGIiuYmlO1QPopsfZuWUEaOTt2ODwcziFSPRbSydApNPpnTOaEdrdDlV44DJjyPW7mHpFg8D4DCjRos5hap5iCxSOcfHADjM1GR0pVtO1ug+Cm+kjJal3rOUCRvrSeHXZNi8MO89LtMdreYSqgEquVucQoFcPkzphxX9jMoraaNFLqQiehLFRIDJv+CcRrfFOkQX56+k9Mq4jJ7YwAiT98PkE1n6QfU7Ku+MM/oMHoMCkz+ByWex9AZmGudSemfNaFzSvkq5jsPVsFKIXEW1aVjvaDHnUU0U3zOMNVb0A6ogDEfHOTxODOn2f6L0DgbBmymDMNTRkrmXDHn5DKVX8HvewbvK21pDCtV/qYIxbjCMCdPpIrdT+UfkY6pg2BjtfWRGN/9GGQRdmLN6XMIlidGD55ZzEPF60ZIsy8rkr0B9M+hoNdYbqt3j4S5JA2F0SOGFiXT6T1M6BZHxA2VA9FuKoAyMHrfhRDS92OQKkdOowqFmP1VQbAbD2BDni+LoZr+rcnmo/EgVFDujHYMoeg//PK+rcnno4txDlEGxNhozk9cp6xOZW6hmBvuOVpP6WISqDPZjzB72RrtaG/axH6ME0u13KYMSIRKepx4LTvJNykpkLsWGRh1t6S1JZFS3Ulug9Va8IrmbanKIBlvsHwbRIduoxyNyNNX0EuDOTRZxRpfaB43579eUpcDP/Uw5k8QdXe7ZOZGRzwuywvPiVBkw1uymDAaM1i3U1qA736a0At+/l7IZWH6qjEvi6Cj/NKjIHVR2uHgMzTGYbX1OGYQIJpT6OIRV0KWpD9CbPuQyiiDEHV0NkfupCkEefkXZONAsf1J6p7rRwGrTupgLqJqHyJZQZtcyGj8+/XdHBmb/ysobNY1O3n65dyww4Hh58MY5IlvjjTv4W7xtrahtNE4yfzuCmouppgORHTD7ICuHGPM/rMqF1d6cYg0AAAAASUVORK5CYII=" alt="Barracuda"/>
  10. Click Preview to review your response page. Make any needed fixes, then preview again. 
  11. Click Add

Now you can specify when you want to display this custom response page on the Violation Responses > Response Policies page.