Citrix ADC

Custom error status and message for HTML, XML, and JSON error object

When the Citrix Web App Firewall detects a violation, the appliance handles the error scenario using either a redirect URL or the error object (imported into the profile and enabled). If the scenario is handled using an error object configuration, the WAF profile provides a custom response status code and message. You can customize the response error details for an HTML, XML, or JSON error object in the WAF profile.

Note:

By default, the error code and error message are set as “200” and “OK” if error object settings are configured.

When handling error scenarios, it is important for the appliance to respond with an appropriate HTTP response status code and message to help resolve issues. A custom error status code and message make it easier for the user to recognize and resolve a problem when a violation occurs. For example, if you set the response error code to “404” and the status message to “Not Found”, the user can inspect the response status code and message to check if a violation has occurred. This can help the user to filter responses that contain the error object.
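The filtering described above, as an added Python example (not Citrix code): it matches logged status lines against the status code and message pairs used in this page's CLI examples, and shows why the default “200”/“OK” pair cannot be filtered. The sample status lines and all function names are constructed for illustration.

```python
# Added example: status pairs copied from this page's CLI examples (profile_1).
CUSTOM = {"HTML": (404, "Not Found"),
          "XML": (406, "Not Acceptable"),
          "JSON": (500, "Internal Server Error")}
# Default noted on the page when an error object is configured without custom values.
DEFAULT = {kind: (200, "OK") for kind in CUSTOM}

def parse_status_line(line):
    """Split 'HTTP/1.1 404 Not Found' into (404, 'Not Found')."""
    parts = line.strip().split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"not an HTTP status line: {line!r}")
    # HTTP/2 responses carry no reason phrase, so it may be empty.
    return int(parts[1]), parts[2].strip() if len(parts) == 3 else ""

def error_object_kinds(line, profile):
    """Return the error-object types whose configured status matches this line."""
    code, reason = parse_status_line(line)
    return sorted(kind for kind, (c, msg) in profile.items()
                  if c == code and (not reason or reason.lower() == msg.lower()))

def candidates(lines, profile):
    """Keep only responses that could carry an error object for this profile."""
    return [l for l in lines if error_object_kinds(l, profile)]

# Constructed sample: status lines as a client or proxy log might record them.
SAMPLE = ["HTTP/1.1 200 OK",
          "HTTP/1.1 404 Not Found",
          "HTTP/1.1 302 Found",
          "HTTP/1.1 406 Not Acceptable",
          "HTTP/2 500",
          "HTTP/1.1 200 OK"]

if __name__ == "__main__":
    # Custom pairs isolate three responses; the default pair matches every
    # ordinary 200 OK, so WAF error objects blend in with normal traffic.
    print("custom :", candidates(SAMPLE, CUSTOM))
    print("default:", candidates(SAMPLE, DEFAULT))
```

A match marks a candidate only, because the protected application can return the same status on its own; confirm by checking the response body against the imported error object.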

Configure custom status code and message for HTML error object in a WAF profile by using the CLI

At the command prompt, type:

set appfw profile <profile-name> -HTMLErrorStatusCode <value> -HTMLErrorStatusMessage <value> -useHTMLErrorObject ON

Example:

set appfw profile profile_1 -HTMLErrorStatusCode 404 -HTMLErrorStatusMessage "Not Found" -useHTMLErrorObject ON

Configure custom status code and message for XML error object in a WAF profile by using the CLI

At the command prompt, type:

set appfw profile <profile-name> -XMLErrorStatusCode <value> -XMLErrorStatusMessage <value>

Example:

set appfw profile profile_1 -XMLErrorStatusCode 406 -XMLErrorStatusMessage "Not Acceptable"

Configure custom status code and message for JSON error object in a WAF profile by using the CLI

At the command prompt, type:

set appfw profile <profile-name> -JSONErrorStatusCode <value> -JSONErrorStatusMessage <value>

Example:

set appfw profile profile_1 -JSONErrorStatusCode 500 -JSONErrorStatusMessage "Internal Server Error"

Configure custom status code and message for HTML, JSON, or XML error object in a WAF profile by using the GUI

  1. Navigate to Security > Citrix Web App Firewall > Profiles.
  2. In the details pane, click Edit.
  3. In the Create Web App Firewall Profile page, click Profile Settings from the Advanced Settings section.
  4. In the Profile settings section, set the following parameters.

    a. HTML Error Object. Select the option for handling error scenarios using an HTML error object. Import the error object from a URL, file, or text.
    b. HTML Error Status Code. Provide a custom error status code.
    c. HTML Error Status Message. Provide a custom error message.

  5. Click OK and Done.

Note:

The same procedure is applicable for JSON and XML custom error object settings.
