Fortinet 5.0 Patch 6 Configuring URL interpreters

Fortinet 152 FortiWeb 5.0 Patch 6 Administration Guide

For example, the page at:

/app/main

always has that same path. After a person logs in, the page’s URL doesn’t become:

/app/marco/main

/app#deepa

For another example, the URL does not dynamically reflect inventory, such as:

/app/sprockets/widget1024894

Some web applications, however, embed parameters within the path structure of the URL, or

use unusual or non-uniform parameter separator characters. If you do not configure URL

replacers for such applications, it can cause your FortiWeb appliance to gather

auto-learning data incorrectly. This can cause the following symptoms:

• Auto-learning reports do not contain a correct URL structure.

• URL or parameter learning is endless.

• When you generate a protection profile from auto-learning, it contains many more URLs than

actually exist, because auto-learning cannot predict that the URL is actually dynamic.

• Parameter data is not complete, despite the fact that the FortiWeb appliance has seen traffic

containing the parameter.

For example, with Microsoft Outlook Web App (OWA), the user’s login name could be

embedded within the path structure of the URL, such as:

/owa/tom/index.html

/owa/mary/index.html

instead of suffixed as a parameter, such as:

/owa/index.html?username=tom

/owa/index.html?username=mary

Auto-learning would continue to create new URLs as new users are added to OWA.

Auto-learning would also expend extra resources learning about URLs and parameters that are

actually the same. Additionally, auto-learning may not be able to fully learn the application

structure, as each user may not request the same URLs.

To solve this, you would create a URL replacer that recognizes the user name within the OWA

URL as if it were a standard, suffixed parameter value so that auto-learning can function

properly.