Response code modification (or filtering) supports the interception of specific HTML response codes received from servers behind LoadMaster and the substitution of another response code and/or text to send back to the client.

This is typically used in an API Gateway deployment to hide back-end responses that might expose sensitive information to a threat actor, and could also be of use to virtually any application.

  • Response code modification is a Virtual Service option and is disabled by default.
  • In the UI, it's located under a Virtual Service's Advanced Settings.
  • Click Show Text & Mappings to display the response code modification configuration. Note that:
    • The configuration can be edited before enabling the Response Code Modification check box.
    • If any mappings have been configured, the button text will show the number of HTML response codes that have been mapped.
  • On the HTTP Response Code Management page, there are two accordions:
    • Response Text shows the text returned to clients along with the response code. The default is the standard HTML response code text and can be edited. Blank text is not allowed.
    • Response Mappings shows the currently mapped response codes; by default, this table is empty. Use the controls provided to map one or more server HTML response codes to a single code to be returned to clients.

Limitation: Any HTML response code that specifies a redirect (300-399) is only intended to be intercepted on the way from the server and a substitute response code returned to the client. There is no provision for specifying a redirect URL to send to the client.