Fortinet 5.0 Patch 6

Fortinet 392 FortiWeb 5.0 Patch 6 Administration Guide

SQL Injection

(Extended)

Enable to prevent a variety of SQL injection attacks.

Unlike SQL Injection, the extended signatures are more likely to

cause false positives. However, they may be necessary in specific,

high-security data centers. If one of the signatures is causing false

positives and you need to instead configure a custom attack

signature that will not cause false positives, you can individually

disable that signature.

Generic Attacks Enable to prevent other common exploits, including a variety of

injection threats that do not use SQL, such as local file inclusion

(LFI) and remote file inclusion (RFI).

All of this attack’s signatures are automatically enabled when you

enable detection. To disable a specific signature, click the blue

arrow to expand the list, then clear that signature’s check box.

Attack log messages contain Generic Attacks and the subtype

and signature ID (for example, Generic Attacks-Command

Injection : Signature ID 050050030) when this feature

detects a possible attack.

In the Action column, select that the FortiWeb will do when it

detects this type of attack:

•Alert

•Alert & Deny

•Period Block

•Redirect

• Send 403 Forbidden

Generic Attacks

(Extended)

Enable to prevent a variety of exploits and attacks.

Unlike Generic Attacks, the extended signatures are more likely to

cause false positives. However, they may be necessary in specific,

high-security data centers. If one of the signatures is causing false

positives and you need to instead configure a custom attack

signature that will not cause false positives, you can individually

disable that signature.

Setting name Description