Fortinet 174 FortiWeb 5.0 Patch 6 Administration Guide
2. Click Create New.
A dialog appears.
3. In Name, type a unique name that can be referenced by other parts of the configuration. Do
not use spaces or special characters. The maximum length is 35 characters.
4. In URL Expression, enter a regular expression that defines this suspicious URL, such as
^/my_admin_panel.jsp.
To test the regular expression against sample text, click the >> (test) icon. This opens the
Regular Expression Validator window where you can fine-tune the expression (see “Regular
expression syntax” on page 673 and “Cookbook regular expressions” on page 680).
5. Click OK.
6. Group custom suspicious URL patterns (see “Grouping custom suspicious request URLs”
on page 174).
7. Group custom and predefined suspicious URL groups together (see “Grouping all
suspicious request URLs” on page 175).
8. Select the supergroup when configuring an auto-learning profile (see “Configuring an
auto-learning profile” on page 177).
See also
Grouping custom suspicious request URLs
Recognizing suspicious requests
Grouping custom suspicious request URLs
Before you can use them, you must first group custom and predefined suspicious URLs.
To configure a custom suspicious URL policy
1. Before you can create a custom suspicious URL rule, you must first define one or more
custom suspicious URLs (see “Configuring custom suspicious request URLs” on page 173).
2. Go to Auto Learn > Custom Pattern > Suspicious URL Policy.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Server Policy Configuration category. For details,
see “Permissions” on page 47.