I see. You will need to write an iRule for that. The iRule below should work--but you will need to find the exact name of the web scraping violation (I don't know it off the top of my head) and then add it to the iRule. Then make sure you enable iRule processing on the security policy.
Something like this:
when ASM_REQUEST_BLOCKING {
if { [lindex [ASM::violation_data] 0] contains "WEB_SCRAPING_DETECTED" } {
log local3. "WEB_SCRAPING_DETECTED"
set response "<html><head><title>Your Page Title Here</title></head><body>Your message text here.</body></html>"
ASM::payload replace 0 [ASM::payload length] ""
ASM::payload replace 0 0 $response
set asm_payload_length [ASM::payload length]
}
}
when HTTP_RESPONSE_RELEASE {
if { [info exists asm_payload_length] }{
if {$asm_payload_length > 0} {
HTTP::header remove Content-Length
HTTP::header insert Content-Length $asm_payload_length
}