Fortinet 27 FortiWeb 5.0 Patch 6 Administration Guide
Solutions for specific web attacks
The types of attacks that web servers are vulnerable to are varied, and evolve as attackers try
new strategies.
FortiWeb appliances offer numerous configurable features for preventing web-related attacks,
including denial-of-service (DoS) assaults, brute-force logins, data theft, and more.

HTTP/HTTPS threats

Servers are increasingly targeted by exploits at the application layer or higher. These
attacks use HTTP/HTTPS and aim to compromise the target web server, either to steal
information, to deface it, or to post malicious files on a trusted site that further exploit
visitors to the site, using the web server to recruit botnets.
Among its many threat management features, FortiWeb fends off cross-site scripting (XSS),
state-based, and various injection attacks. This helps you comply with protection
standards for:
• credit-card data, such as PCI DSS 6.6
• personally identifiable information, such as HIPAA
Table 2 lists several HTTP-related threats and describes how FortiWeb appliances protect
servers from them. FortiWeb can also protect against threats at higher layers (HTML, Flash, or
XML applications).
Table 1: Execution sequence (web protection profile) (partial; only the final rows
are legible here)
Scan/action            Involves
URL Rewriting          Host:
(rewriting)            Referer:
                       Location:
                       URL in HTTP header
                       HTTP body
File Compress          Accept-Encoding:
* If a source IP is whitelisted, subsequent checks are skipped.
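The two ideas on this page, signature checks for XSS and injection applied to the URL, headers and body, and an ordered execution sequence in which URL rewriting touches the Host:, Referer: and Location: headers and a whitelisted source IP skips every later check, as a toy model in Python. This is an added example, not FortiWeb's code or configuration: the signatures, the 10.0.0.0/8 whitelist range, the host names and the sample requests are all constructed for illustration.

```python
"""Toy model of a web-protection execution sequence: an ordered list of checks
run on one HTTP request, where a whitelisted source IP causes every later check
to be skipped. Illustrative only; not FortiWeb's implementation, and every rule,
address and sample request below is constructed for the example."""

import ipaddress
import re
from dataclasses import dataclass, field
from urllib.parse import unquote_plus


@dataclass
class Request:
    src_ip: str
    method: str
    url: str
    headers: dict
    body: str = ""


@dataclass
class Verdict:
    action: str                 # "allow" or "block"
    reason: str
    checks_run: list = field(default_factory=list)


# Assumed trusted source range (constructed).
WHITELIST = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed stand-ins for a WAF's XSS and SQL-injection signatures.
SIGNATURES = {
    "xss": re.compile(r"<\s*script|\bon\w+\s*=|javascript:", re.I),
    "sqli": re.compile(r"['\"]\s*(or|and)\s+\S+\s*=\s*\S+|union\s+select|;\s*drop\s", re.I),
}

# Hypothetical back-end name that the URL-rewriting step hides from clients.
BACKEND_HOST, PUBLIC_HOST = "backend.internal", "www.example.com"


def source_is_whitelisted(req):
    ip = ipaddress.ip_address(req.src_ip)
    return any(ip in net for net in WHITELIST)


def inspected_fields(req):
    """Yield (location, decoded text) for the URL, each header value and the
    body; percent-decoded first so %3Cscript%3E is seen as <script>."""
    yield "url", unquote_plus(req.url)
    for name, value in req.headers.items():
        yield f"header:{name}", unquote_plus(value)
    if req.body:
        yield "body", unquote_plus(req.body)


def match_signatures(req):
    """Return a description of the first signature hit, or None."""
    for where, text in inspected_fields(req):
        for name, pattern in SIGNATURES.items():
            if pattern.search(text):
                return f"{name} signature matched in {where}"
    return None


def rewrite_headers(req):
    """URL rewriting: replace the back-end name in Host:, Referer: and Location:."""
    for name in ("Host", "Referer", "Location"):
        if name in req.headers:
            req.headers[name] = req.headers[name].replace(BACKEND_HOST, PUBLIC_HOST)
    return req


def evaluate(req):
    """Run the checks in order; a whitelisted source short-circuits the rest."""
    checks = ["source-ip whitelist"]
    if source_is_whitelisted(req):
        return Verdict("allow", "source IP whitelisted; later checks skipped", checks)
    checks.append("signatures")
    hit = match_signatures(req)
    if hit:
        return Verdict("block", hit, checks)
    checks.append("url rewriting")
    rewrite_headers(req)
    return Verdict("allow", "no check blocked the request", checks)


# Constructed sample requests.
XSS_REQ = Request("203.0.113.7", "GET", "/search?q=%3Cscript%3Ealert(1)%3C/script%3E",
                  {"Host": PUBLIC_HOST})
SQLI_REQ = Request("203.0.113.8", "POST", "/login", {"Host": PUBLIC_HOST},
                   body="user=admin'+OR+'1'%3D'1&pass=x")
CLEAN_REQ = Request("203.0.113.9", "GET", "/", {"Host": BACKEND_HOST})
# Same XSS payload as XSS_REQ, but from the whitelisted range.
WHITELISTED_REQ = Request("10.1.2.3", "GET", "/search?q=%3Cscript%3Ealert(1)%3C/script%3E",
                          {"Host": PUBLIC_HOST})

if __name__ == "__main__":
    for req in (XSS_REQ, SQLI_REQ, CLEAN_REQ, WHITELISTED_REQ):
        v = evaluate(req)
        print(f"{req.src_ip:12} {v.action:5} {v.reason} (ran: {', '.join(v.checks_run)})")
```

The last sample request is the point of the footnote: the same XSS payload that is blocked from 203.0.113.7 is allowed from 10.1.2.3 with only the whitelist check run. Because the whitelist bypasses every later scan, the address it trusts must be the real source of the connection, not a value taken from a client-controlled header such as X-Forwarded-For, and whitelisted ranges should be kept as narrow as the deployment allows.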
Early in your deployment of FortiWeb, configure and run web vulnerability scans to detect the
most common vulnerabilities. Use the results to find out which attacks your servers may be
vulnerable to. For more information, see “Vulnerability scans” on page 505.