Fortinet 402 FortiWeb 5.0 Patch 6 Administration Guide
To configure a custom signature
1. Go to Web Protection > Known Attacks > Custom Signature.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Web Protection Configuration category. For
details, see “Permissions” on page 47.
2. Click Create New.
A dialog appears.
3. Configure these settings:
Setting name Description
Name Type a unique name that can be referenced in other parts of the
configuration. Do not use spaces or special characters. The
maximum length is 35 characters.
Direction Select which the expression will be applied to, either:
•Request — Expression will be an attack signature.
•Response — Expression will be a server information disclosure
signature.
Case Sensitive Enable to differentiate sensitive information according to upper
case and lower case letters.
For example, when this option is enabled, an HTTP request
involving tomcat would not match a sensitive information
signature that specifies Tomcat (difference is lower case “t”).