Fortinet 391 FortiWeb 5.0 Patch 6 Administration Guide
Trigger Action (column)
In each row, select which trigger, if any, the FortiWeb appliance
will use when it logs and/or sends an alert email about a violation
of each rule. See “Configuring triggers” on page 557.
Cross Site Scripting Enable to prevent a variety of cross-site scripting (XSS) attacks,
such as some varieties of CSRF (cross-site request forgery).
All of this attack’s signatures are automatically enabled when you
enable detection. To disable a specific signature, click the blue
arrow to expand the list, then clear that signature’s check box.
Attack log messages contain Cross Site Scripting and the subtype
and signature ID (for example,
Cross Site Scripting : Signature ID 010000063)
when this feature detects a possible attack.
In the Action column, select what the FortiWeb will do when it
detects this type of attack:
• Alert
• Alert & Deny
• Period Block
• Redirect
• Send 403 Forbidden
Cross Site Scripting (Extended)
Enable to prevent a variety of XSS attacks.
Unlike Cross Site Scripting, the extended signatures are more likely
to cause false positives. However, they may be necessary in
specific, high-security data centers. If one of the signatures is
causing false positives and you need to instead configure a custom
attack signature that will not cause false positives, you can
individually disable that signature.
SQL Injection Enable to prevent SQL injection attacks, such as blind SQL
injection.
All of this attack’s signatures are automatically enabled when you
enable detection. To disable a specific signature, click the blue
arrow to expand the list, then clear that signature’s check box.
Attack log messages contain SQL Injection and the subtype
and signature ID (for example,
SQL Injection : Signature ID 030000010)
when this feature detects a possible attack.
In the Action column, select what the FortiWeb will do when it
detects this type of attack:
• Alert
• Alert & Deny
• Period Block
• Redirect
• Send 403 Forbidden
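The signature ID in the attack log message is what identifies which signature to examine when tuning false positives. The following Python sketch is an added example, not part of the Fortinet guide: it extracts the category and signature ID from log text and counts hits per signature. Only the "Category : Signature ID N" fragment comes from the guide; the sample lines, the src and url fields, and the review thresholds are assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Categories and message fragment as shown in the guide, e.g.
# "SQL Injection : Signature ID 030000010".
CATEGORIES = ("Cross Site Scripting", "SQL Injection")
SIG_RE = re.compile(r"(%s)\s*:\s*Signature ID\s+(\d+)" % "|".join(CATEGORIES))
FIELD_RE = re.compile(r"(\w+)=(\S+)")

# Constructed sample lines. The timestamp, src and url fields are assumptions,
# not the FortiWeb log format; only the signature fragment follows the guide.
SAMPLE_LOG = """\
2014-03-01 10:00:01 src=192.0.2.10 url=/search msg="Cross Site Scripting : Signature ID 010000063"
2014-03-01 10:02:11 src=192.0.2.21 url=/report msg="SQL Injection : Signature ID 030000010"
2014-03-01 10:02:40 src=192.0.2.22 url=/report msg="SQL Injection : Signature ID 030000010"
2014-03-01 10:03:05 src=192.0.2.23 url=/report msg="SQL Injection : Signature ID 030000010"
2014-03-01 10:04:00 src=192.0.2.10 url=/login msg="Login succeeded"
"""

def parse_line(line):
    """Return (category, signature_id, src, url), or None without a signature hit."""
    match = SIG_RE.search(line)
    if match is None:
        return None
    fields = dict(FIELD_RE.findall(line))
    return match.group(1), match.group(2), fields.get("src"), fields.get("url")

def summarize(lines):
    """Count hits per signature and collect the distinct sources and URLs."""
    hits, sources, urls = Counter(), defaultdict(set), defaultdict(set)
    for category, sig_id, src, url in filter(None, map(parse_line, lines)):
        key = (category, sig_id)
        hits[key] += 1
        if src:
            sources[key].add(src)
        if url:
            urls[key].add(url)
    return [{"category": c, "signature_id": s, "hits": n,
             "sources": len(sources[c, s]), "urls": sorted(urls[c, s])}
            for (c, s), n in hits.most_common()]

def review_candidates(summary, min_hits=3, min_sources=3):
    """Hypothetical heuristic: many clients tripping one signature on one URL
    suggests a false positive to examine before disabling that signature."""
    return [r["signature_id"] for r in summary
            if r["hits"] >= min_hits and r["sources"] >= min_sources
            and len(r["urls"]) == 1]
```

Run `summarize(SAMPLE_LOG.splitlines())` to see the per-signature counts; a signature returned by `review_candidates` still needs its matching requests inspected before you clear its check box.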
Setting name Description