Fortinet 361 FortiWeb 5.0 Patch 6 Administration Guide
If any client sends a request for the same URL on your web site 3 times within the same second,
upon the next request, FortiWeb will return a web page with the JavaScript browser validator.
The validator will respond to FortiWeb with the test result. Clients that fail to demonstrate that
they are a web browser will have their requests dropped for the next 2.78 hours (i.e. 10,000
seconds), and the attack will be logged with a High severity level. notification_servers1
includes your central logging FortiAnalyzer, where you will be alerted that the attack attempt is
taking place and can monitor for attack trends.
See also
• Configuring browser enforcement exceptions
• Preventing an HTTP request flood
• Limiting the total HTTP request rate from an IP
Configuring browser enforcement exceptions
If some URLs need a separate, higher rate limit for real browser enforcement, you can configure
exceptions to a Real Browser Enforcement rule.
URLs that are an exception will receive a second, higher rate limit. This prevents limitless HTTP
request rates that could be a DoS liability, while still allowing a greater number of requests than
specified in a Real Browser Enforcement rule.
To configure a real browser enforcement exception
1. Go to DoS Protection > Application > Real Browser Enforcement Exception.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Web Protection Configuration category. For
details, see “Permissions” on page 47.
2. Click Create New.
A dialog appears.
3. In Name, type a unique name that can be referenced by other parts of the configuration. Do
not use spaces or special characters. The maximum length is 35 characters.
4. Click OK.
5. Click Create New.
A dialog appears.
Configure this feature for web pages with many graphics, style sheets, scripts, and other
included files. These require more requests from clients as part of their normal operation, and
therefore could cause real browser tests for each legitimate client, depending on the limit that
you configured in the real browser enforcement rule. In this case, configuring exceptions for
high-request web pages can improve performance.
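One way to find which URLs need an exception before enabling the rule, shown as an added example that is not from the Fortinet guide: it replays a constructed access log and lists the clients whose per-second request count for a single URL reaches the limit that applies. The log format, the function names, and the use of fixed one-second buckets are assumptions.

```python
from collections import Counter

# Constructed sample: "<epoch_second> <client_ip> <url>" (assumed format,
# not a FortiWeb log format).
SAMPLE_LOG = """\
1700000000 198.51.100.7 /index.html
1700000000 198.51.100.7 /gallery
1700000000 198.51.100.7 /gallery
1700000000 198.51.100.7 /gallery
1700000000 198.51.100.7 /gallery
1700000000 203.0.113.9 /login
1700000000 203.0.113.9 /login
1700000000 203.0.113.9 /login
1700000001 203.0.113.9 /login
1700000001 198.51.100.8 /gallery
malformed line
"""

def peak_rates(log_text):
    """Return {(client, url): highest request count seen in any one second}."""
    per_second = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # skip lines that do not match the assumed format
        per_second[(parts[1], parts[2], int(parts[0]))] += 1
    peaks = {}
    for (client, url, _second), n in per_second.items():
        peaks[(client, url)] = max(n, peaks.get((client, url), 0))
    return peaks

def challenged(log_text, rule_limit, exceptions=None):
    """Return {url: sorted clients} whose peak reaches the applicable limit.

    A client that reaches the limit would be sent the browser test on its
    next request. exceptions maps a URL to its second, higher limit.
    """
    exceptions = exceptions or {}
    hits = {}
    for (client, url), peak in peak_rates(log_text).items():
        if peak >= exceptions.get(url, rule_limit):
            hits.setdefault(url, set()).add(client)
    return {url: sorted(clients) for url, clients in hits.items()}

if __name__ == "__main__":
    print(challenged(SAMPLE_LOG, rule_limit=3))
    print(challenged(SAMPLE_LOG, rule_limit=3, exceptions={"/gallery": 10}))
```

URLs that appear in the first result only because of normal page loads are candidates for an exception; URLs that still appear with the higher limit applied deserve a closer look.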