Fortinet 24 FortiWeb 5.0 Patch 6 Administration Guide
Block Period Source IP address of the client (depending on your
configuration of X-header rules (see “Defining your
proxies, clients, & X-headers” on page 266) this could be
derived from either the SRC field in the IP header, or an
HTTP header such as X-Forwarded-For: or
X-Real-IP:)
IP List *
(individual client IP black list or
white list)
Source IP address of the client in the IP layer
Add X-Forwarded-For:
Add X-Real-IP:
Source IP address of the client in the HTTP layer
IP Reputation Source IP address of the client (depending on your
configuration of X-header rules (see “Defining your
proxies, clients, & X-headers” on page 266) this could be
derived from either the SRC field in the IP header, or an
HTTP header such as X-Forwarded-For: or
X-Real-IP:)
Allow Known Search Engines Source IP address of the client in the IP layer
Geo IP Source IP address of the client in the IP layer
Host
(allowed/protected host name)
Host:
Allow Method •Host:
•URL in HTTP header
• Request method in HTTP header
HTTP Request Limit/sec •Cookie:
•Session state
• Responses from the JavaScript browser tests, if any
Session Management • Cookie:
•Session state
TCP Connection Number Limit
(Malicious IP)
Source IP address of the client (depending on your
configuration of X-header rules (see “Defining your
proxies, clients, & X-headers” on page 266) this could be
derived from either the SRC field in the IP header, or an
HTTP header such as X-Forwarded-For: or
X-Real-IP:)
HTTP Request Limit/sec
(HTTP Flood Prevention)
•Cookie:
• Session state
• URL in the HTTP header
Tabl e 1 : Execution sequence (web protection profile)
Scan/action Involves