Choose Custom to redirect to an external site. The following option appears:

• Redirect URL: Enter the redirected URL that hosts the notification. When the user's browser is redirected, the URL includes query parameters, which administrators can use to customize the page that is served or for logging purposes. During the redirection, all query parameters are sent to the external site. For Web DLP Violation policy requests, the query parameters enable the administrator to find the Web Post DLP transaction. These query parameters are:
  • action: Specifies the action that triggered the redirect. The action can be block or caution.
  • cat: Specifies the URL category of the URL, if available.
  • kind: Specifies the policy that triggered the URL redirection.
    • See a table of possible kind values and their mapping to policies
      Kind

      Policy

      access

      Malware Protection Policy (Security Exceptions)

      antivirus

      Malware Protection Policy

      bandwidth_control

      Bandwidth Control Policy

      blocked_ftp_access

      FTP Control Policy

      category

      URL Filtering Policy

      data_leakage

      DLP Policy

      file_type

      File Type Policy

      p2p

      Advanced Threat Protection Policy

      social_networking

      Cloud App Control Policy (Social Networking & Blogging)

      social_networking_upload

      Cloud App Control Policy (Social Networking & Blogging > Posting)

      1 to 10 of 19

      Page 1 of 2

      Close
  • reason: Specifies the string that contains additional information about the URL.
    • See a table of possible block notifications
      Block Notifications

      Access denied due to bad server certificate

      Block site vulnerable to XSS attacks

      Denied access

      Denied due to closed proxy

      Destination contains potential phishing content

      Destination contains potentially malicious content (response)

      Detected possible adware/spyware traffic (request)

      Detected possible adware/spyware traffic (response)

      Detected possible botnet command and control traffic

      Detected possible botnet command and control traffic

      1 to 10 of 82

      Page 1 of 9

      Close
  • reasoncode: Specifies the reason that this notification or redirect triggered.
  • referer: Specifies the referer URL in URL-encoded format.
  • rule: Specifies the internal rule-id that triggered the block, if available.
  • timebound: Specifies whether this notification or redirect is triggered by a policy that includes time interval as a criterion.
  • url: Specifies the original URL that caused this redirect or notification.
  • user: Specifies the user-id (the login name) of the user, if available.
  • locid: Specifies the internal name of the location configured in the ZIA Admin Portal from which the traffic is originating.
  • lang: Specifies the language in which the site is displayed.
  • zsq: Specifies the parameter used by the Zscaler service.

The following is an example of the redirect URL:

https://redirectpage.com/?url=https://www.gambling.com/&referer=&reason=Not+allowed+to+browse+Gambling+category&reasoncode=CATEGORY_DENIED&timebound=1&action=deny&kind=category&rule=322760&cat=Gambling&user=user@domain.tld&locid=00000000&lang=fr_FR&zsq=JDspV0Ft81ZLq0j55Z0FsFsL6n0VSDV0F86pDD6zsq

To create a custom AUP or EUN for specific websites:

1. Customize the following sample code:

<?php
$url = $_GET['<url>'];
$referer = $_GET['<referer>'];
$reason = $_GET['<reason>'];
$reason_code = $_GET['<reasoncode>'];
$timebound = $_GET['<timebound>'];
$action = $_GET['<action>'];
$kind = $_GET['<kind>'];
$rule = $_GET['<rule>'];
$cat = $_GET['<cat>'];
$user = $_GET['<user>'];
$lang = $_GET['<lang>'];
$zsq = explode("<zsq>", $_GET['<zsq>']);
?>

For example:

<?php
$url = $_GET['https://www.gambling.com'];
$referer = $_GET[''];
$reason = $_GET['Not+allowed+to+browse+Gambling+category'];
$reason_code = $_GET['CATEGORY_DENIED'];
$timebound = $_GET['1'];
$action = $_GET['deny'];
$kind = $_GET['category'];
$rule = $_GET['322760'];
$cat = $_GET['Gambling'];
$user = $_GET['user@domain.tld'];
$lang = $_GET['fr_FR'];
$zsq = explode("JDspV0Ft81ZLq0j55Z0FsFsL6n0VSDV0F86pDD6zsq", $_GET['JDspV0Ft81ZLq0j55Z0FsFsL6n0VSDV0F86pDD6zsq']);
?> 

2. Customize the form action URL to that of the appropriate cloud.
3. Upload the file to a web server.
4. Configure your policy with a custom category containing the website or categories in question, and set the action to Block with a Redirect URL set to the page you uploaded.

If users try to access a website that is set to block and use a custom URL, the service redirects the users to your hosted custom block notification.