Fortinet 363 FortiWeb 5.0 Patch 6 Administration Guide
penalizes the source IP address by blocking additional requests for the time period that you
indicate in the profile.
To configure brute force login attack prevention
1. Before you configure a brute force login attack profile, if you want to apply it only to HTTP
requests for a specific real or virtual host, you must first define the web host in a protected
hosts group. For details, see “Defining your protected/allowed HTTP “Host:” header names”
on page 249. You should also enable detection of when source IP addresses are shared by
multiple clients. For details, see “Advanced settings” on page 521.
2. Go to Web Protection > Access > Brute Force.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Web Protection Configuration category. For
details, see “Permissions” on page 47.
3. Click Create New.
This scan is bypassed if the client’s source IP is a known search engine and you have enabled
Allow Known Search Engines.
If you do not enable detection of shared IP addresses (Shared IP), the second threshold,
Share IP Access Limit, will be ignored.
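The decision logic described in the two notes above, modelled as an added Python example (it is not FortiWeb code and not from this guide). The names `single_limit` and `window` and the per-request `is_shared` and `known_search_engine` flags are assumptions; the guide names only Share IP Access Limit, Shared IP and Allow Known Search Engines, and how the appliance measures the rate is not stated here.

```python
from collections import defaultdict, deque

class BruteForceProfile:
    """Toy model of the profile's decision logic; not FortiWeb code."""

    def __init__(self, single_limit, shared_limit, block_period, window=60.0,
                 shared_ip_detection=True, allow_known_search_engines=True):
        self.single_limit = single_limit    # assumed name for the first threshold
        self.shared_limit = shared_limit    # models "Share IP Access Limit"
        self.block_period = block_period    # seconds a source IP stays blocked
        self.window = window                # assumed counting window, in seconds
        self.shared_ip_detection = shared_ip_detection
        self.allow_known_search_engines = allow_known_search_engines
        self._hits = defaultdict(deque)     # src_ip -> recent login request times
        self._blocked_until = {}            # src_ip -> time the block expires

    def limit_for(self, is_shared):
        # With shared-IP detection off, the second threshold is ignored.
        if self.shared_ip_detection and is_shared:
            return self.shared_limit
        return self.single_limit

    def check(self, src_ip, now, is_shared=False, known_search_engine=False):
        # Known search engines skip the scan only when the option is enabled.
        if known_search_engine and self.allow_known_search_engines:
            return "bypass"
        if now < self._blocked_until.get(src_ip, 0.0):
            return "block"
        hits = self._hits[src_ip]
        hits.append(now)
        while now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) > self.limit_for(is_shared):
            self._blocked_until[src_ip] = now + self.block_period
            hits.clear()
            return "block"
        return "allow"

def replay(profile, events):
    """events: constructed (src_ip, time, is_shared, known_search_engine) tuples."""
    return [profile.check(*event) for event in events]

if __name__ == "__main__":
    # Constructed sample: seven login requests in seven seconds from one NAT address.
    burst = [("198.51.100.7", float(t), True, False) for t in range(7)]
    for detection in (True, False):
        p = BruteForceProfile(3, 6, 60, shared_ip_detection=detection)
        print("Shared IP detection", detection, replay(p, burst))
```

With detection disabled, the shared address is held to the lower single-client threshold, so the clients behind it are blocked after the fourth request instead of the seventh.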