Fortinet 392 FortiWeb 5.0 Patch 6 Administration Guide
SQL Injection
(Extended)
Enable to prevent a variety of SQL injection attacks.
Unlike SQL Injection, the extended signatures are more likely to
cause false positives. However, they may be necessary in specific,
high-security data centers. If one of the signatures is causing false
positives and you need to instead configure a custom attack
signature that will not cause false positives, you can individually
disable that signature.
Generic Attacks Enable to prevent other common exploits, including a variety of
injection threats that do not use SQL, such as local file inclusion
(LFI) and remote file inclusion (RFI).
All of this attack’s signatures are automatically enabled when you
enable detection. To disable a specific signature, click the blue
arrow to expand the list, then clear that signature’s check box.
Attack log messages contain Generic Attacks and the subtype
and signature ID (for example, Generic Attacks-Command
Injection : Signature ID 050050030) when this feature
detects a possible attack.
In the Action column, select that the FortiWeb will do when it
detects this type of attack:
•Alert
•Alert & Deny
•Period Block
•Redirect
• Send 403 Forbidden
Generic Attacks
(Extended)
Enable to prevent a variety of exploits and attacks.
Unlike Generic Attacks, the extended signatures are more likely to
cause false positives. However, they may be necessary in specific,
high-security data centers. If one of the signatures is causing false
positives and you need to instead configure a custom attack
signature that will not cause false positives, you can individually
disable that signature.
Setting name Description