Fortinet 389 FortiWeb 5.0 Patch 6 Administration Guide
Setting name Description
Name Type a unique name that can be referenced in other parts of the
configuration. Do not use spaces or special characters. The
maximum length is 35 characters.
Action
(column)
In each row, select which action the FortiWeb appliance will take
when it detects a violation of the rule. Supported options vary
(available options are listed in the description for each specific
rule), but may include:
•Alert — Accept the request and generate an alert email and/or
log message.
•Alert & Deny — Block the request (or reset the connection) and
generate an alert email and/or log message.
You can customize the web page that will be returned to the
client with the HTTP status code. See “Uploading a custom
error page” on page 467 or Error Message.
•Period Block — Block subsequent requests from the client for
a number of seconds. Also configure Block Period.
You can customize the web page that will be returned to the
client with the HTTP status code. See “Uploading a custom
error page” on page 467 or Error Message.
Note: If FortiWeb is deployed behind a NAT load balancer, when
using this option, you must also define an X-header that
indicates the original client’s IP (see “Defining your proxies,
clients, & X-headers” on page 266). Failure to do so may cause
FortiWeb to block all connections when it detects a violation of
this type.
•Redirect — Redirect the request to the URL that you specify in
the protection profile and generate an alert email and/or log
message. Also configure Redirect URL and Redirect URL With
Reason.