Fortinet 356 FortiWeb 5.0 Patch 6 Administration Guide
2. Go to DoS Protection > DoS Protection Policy > DoS Protection Policy.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Web Protection Configuration category. For
details, see “Permissions” on page 47.
3. Click Create New.
A dialog appears.
4. In Name, type a unique name that can be referenced by other parts of the configuration. Do
not use spaces or special characters. The maximum length is 35 characters.
5. From Real Browser Enforcement, select a rule, if any, that you want to include (see
“Preventing automated requests” on page 357).
6. If you want to apply features that use session cookies, enable HTTP Session Based
Prevention.
•From HTTP Flood Prevention, select an existing rule that sets the maximum number of
HTTP requests per second to a specific URL (see “Preventing an HTTP request flood” on
page 347).
•From Malicious IPs, select an existing rule that limits TCP connections from the same
client (see “Limiting TCP connections per IP address by session cookie” on page 344).
7. If you want to restrict traffic based upon request or connection counts, enable HTTP
Network Based Prevention.
•From HTTP Access Limit, select a rule, if any, that you want to include (see “Limiting TCP
connections per IP address” on page 351).
•From TCP Flood Prevention, select a rule, if any, that you want to include (see
“Preventing a TCP SYN flood” on page 354).
8. Click OK.
9. To apply the policy, select the DoS protection policy in an inline protection profile (see
“Configuring a protection profile for inline topologies” on page 468).
10.If you have configured DoS protection features that use session cookies, also enable the
Session Management option in the protection profile.