By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to edit 403 error message in AWS WAF

0

is there a way to customize the 403 error message that WAF puts out? Right now our clients are seeing:

<html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> </body> </html>

Is there way to edit this? So that clients aren't seeing html tags etc if they receive a 403 error trying to log into our app? The WAF rule that is triggering this is the AWS-AWSManagedRulesBotControlRuleSet...being that it is a managed rule I can't edit the JSON to put out a different output (is this just a console limitation?). And I tried using the custom response bodies section on the rule but it isn't what I need. I just want to change the above out to say something like: "403 Forbidden" but I don't want clients to be seeing <html> <head> etc on the app...like I'm not sure if I can use the terminal to edit this? I attached a picture so you can see what the error message looks like...it just looks really unprofessional imo. example of message on app

Topics
Security, Identity, & Compliance
Tags
AWS WAF
Language
English
Simon Abisoye
asked 14 days ago76 views
1 Answer
1

Hi,

Yes, there is such a capability announced in 2021: https://aws.amazon.com/about-aws/whats-new/2021/03/aws-waf-adds-support-custom-responses/

See for details to implement: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html

Best,

Didier

profile pictureAWS
EXPERT
Didier_Durand
answered 13 days ago
profile picture
EXPERT
Adeleke Adebowale J
reviewed 13 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content