Fortinet 352 FortiWeb 5.0 Patch 6 Administration Guide
perhaps zero or one request each, until the server is exhausted and has no memory left to track
the TCP states of new connections with legitimate clients.
This feature is similar to DoS Protection > Application > Malicious IPs. However, this feature
counts TCP connections per IP, while Malicious IPs counts TCP connections per session
cookie.
It is also similar to DoS Protection > Network > Syn Cookie. However, this feature counts
fully-formed TCP connections, while Syn Cookie counts partially-formed TCP connections.
FortiWeb counts the TCP connections. If a source IP address exceeds the limit, FortiWeb
executes the Action for that client.
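The per-source-IP counting described above can be reproduced offline to baseline normal client behavior before choosing a limit. This is an added example, not FortiWeb code or part of the original guide: it parses constructed `ss -tan` output and separates fully-formed (ESTAB) connections from partially-formed (SYN-RECV) ones. The function names, sample addresses, and the limit of 3 are assumptions, and the capture is assumed to come from a point where client source IPs are visible.

```python
from collections import Counter

# Constructed sample of `ss -tan` output (documentation address ranges only).
SAMPLE_SS = """\
State      Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN     0      128    0.0.0.0:443          0.0.0.0:*
ESTAB      0      0      192.0.2.10:443       198.51.100.7:51512
ESTAB      0      0      192.0.2.10:443       198.51.100.7:51513
ESTAB      0      0      192.0.2.10:443       198.51.100.7:51514
ESTAB      0      0      192.0.2.10:443       198.51.100.7:51515
SYN-RECV   0      0      192.0.2.10:443       203.0.113.9:40001
SYN-RECV   0      0      192.0.2.10:443       203.0.113.9:40002
ESTAB      0      0      192.0.2.10:443       203.0.113.50:60200
ESTAB      0      0      [2001:db8::10]:443   [2001:db8::beef]:41000
TIME-WAIT  0      0      192.0.2.10:443       198.51.100.7:51000
"""


def peer_ip(addr_port):
    """Strip the port (and IPv6 brackets) from an ss address:port field."""
    host, _, _ = addr_port.rpartition(":")
    return host.strip("[]")


def count_by_state(ss_output, state):
    """Count connections in the given TCP state, keyed by peer (source) IP."""
    counts = Counter()
    for line in ss_output.splitlines():
        fields = line.split()
        # Header and malformed lines never match a real state name.
        if len(fields) >= 5 and fields[0] == state:
            counts[peer_ip(fields[4])] += 1
    return counts


def over_limit(ss_output, limit):
    """Source IPs whose fully-formed connection count exceeds the limit."""
    established = count_by_state(ss_output, "ESTAB")
    return {ip: n for ip, n in established.items() if n > limit}


if __name__ == "__main__":
    print("Over limit (ESTAB):", over_limit(SAMPLE_SS, 3))
    print("Half-open (SYN-RECV):", dict(count_by_state(SAMPLE_SS, "SYN-RECV")))
```

In the sample, 203.0.113.9 holds only half-open connections, so a per-IP limit on established connections never sees it; that traffic falls under Syn Cookie instead.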
To configure a TCP connection flood limit
1. Go to DoS Protection > Network > TCP Flood Prevention.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Web Protection Configuration category. For
details, see “Permissions” on page 47.
2. Click Create New.
A dialog appears.
3. Configure these settings:
| Setting name | Description |
|---|---|
| Name | Type a unique name that can be referenced in other parts of the configuration. Do not use spaces or special characters. The maximum length is 35 characters. |
| TCP Connection Number Limit | Type the maximum number of TCP connections allowed with a single source IP address. The valid range is from 0 to 65,535. The default is 0. |