Fortinet 5.0 Patch 6

Fortinet 348 FortiWeb 5.0 Patch 6 Administration Guide

If the rate exceeds the limit, the FortiWeb appliance executes the Action.

To configure HTTP flood prevention

1. Go to DoS Protection > Application > HTTP Flood Prevention.

To access this part of the web UI, your administrator’s account access profile must have

Read and Write permission to items in the Web Protection Configuration category. For

details, see “Permissions” on page 47.

2. Click Create New.

A dialog appears.

3. Configure these settings:

This scan is bypassed if the client’s source IP is a known search engine and you have enabled

Allow Known Search Engines.

Setting name Description

Name Type a unique name that can be referenced in other parts of the

configuration. Do not use spaces or special characters. The

maximum length is 35 characters.

HTTP Request

Limit/sec

Type the maximum rate of requests per second allowed from a

single HTTP client.

The valid range is from 0 to 4,096. The default is 0. Fortinet

suggests an initial value of 500. See also “Reducing false

positives” on page 624.