Fortinet 322 FortiWeb 5.0 Patch 6 Administration Guide
3. Configure these settings:
Setting
name
Description
Name Type a unique name that can be referenced in other parts of the
configuration. Do not use spaces or special characters. The maximum length
is 35 characters.
Host Status Enable to require that the Host: field of the HTTP request match a
protected hosts entry in order to match the URL access rule. Also configure
Host.
Host Select which protected hosts entry (either a web host name or IP address)
that the Host: field of the HTTP request must be in to match the URL
access rule.
This option is available only if Host Status is enabled.
Action Select which action the FortiWeb appliance will take when it detects a
violation of the rule. Supported options vary (available options are listed in
the description for each specific rule), but may include:
Alert & Deny — Block the request (reset the connection) and generate an
alert email and/or log message.
You can customize the web page that will be returned to the client with
the HTTP status code. See “Uploading a custom error page” on page 467
or Error Message.
Pass — Allow the request. Do not generate an alert and/or log message.
Continue — Generate an alert and/or log message, then continue by
evaluating any subsequent rules defined in the web protection profile (see
“Sequence of scans” on page 23). If no other rules are violated, allow the
request. If multiple rules are violated, a single request will generate
multiple attack log messages.
The default value is Alert.
Caution: This setting will be ignored if Monitor Mode is enabled.
Note: Logging and/or alert email will occur only if enabled and configured.
See “Logging” on page 542 and “Alert email” on page 576.
Note: If you will use this rule set with auto-learning, you should select Pass
or Continue. If Action is Alert & Deny, or any other option that causes the
FortiWeb appliance to terminate or modify the request or reply when it
detects an attack attempt, the interruption will cause incomplete session
information for auto-learning.
Delete
Edit
Clear all