Hi,
The following article explains how to create that custom error page -
https://www.imperva.com/sign_in.asp?retURL=/articles/Solution/Reverse-Proxy-KRP-TRP-This-page-can-t-be-displayed-Incident-ID-is-0 |
As mentioned by
@Christopher Detzel the most probable reason in TRP is a connection problem, usually a network or and SSL cipher suit issue from the GW to the web server or from the client to the GW.
I'd start with a telnet from the TRP gw to the web server on the relevant port (443 or what you've set).
If telnet works, disable any client and server side negotiation settings, and client authentication rules.
If the issue persists the next step is to run tcpdump on both the incoming and outgoing NICs of the gw, and figure out where the issue is.
Regards,
Roee
------------------------------
Roee Sharon
RSECURE
------------------------------
Original Message:
Sent: 07-15-2020 05:23
From: Tushar Sawant
Subject: Getting WAF default error page for application
Hello,
I have integrated one application with Imperva WAF ( In TRP Mode) and as per our observation after refreshing the application page 3 4 times, we are getting WAF default error page.(attachment 1).
So i have edited the default error page of variable SESSION_ID with EVENT_ID and then getting attachment 2 error page.
In second error page i got the incident id value but still i am able to find the due to which policy violation, i am facing this issue.
I have two concerns for this.
1. Why getting this error page.
2. How to troubleshoot this issue with the help of EVENT ID.
#AttackAnalytics
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Tushar Sawant
Security Analyst
IBM Security
Pune, India.
------------------------------