Fortinet 428 FortiWeb 5.0 Patch 6 Administration Guide
14.Click Create New to add an entry to the set.
A dialog appears.
15.From the rule drop-down list, select the name of an existing input validation rule.
To view or change the information associated with the rule, select the Detail link. The Edit
Parameter Validation Rule dialog appears. Use the browser Back button to return.
16.Click OK.
17.Repeat the previous steps for each input rule that you want to add to the parameter
validation rule.
18.To apply the parameter validation policy, select it in an inline or offline protection profile (see
“Configuring a protection profile for inline topologies” on page 468 or “Configuring a
protection profile for an out-of-band topology or asynchronous mode of operation” on
page 477).
Attack log messages contain Parameter Validation Violation when this feature
detects a parameter rule violation.
See also
Preventing tampering with hidden inputs
Bulk changes to input validation rules
Defining custom data types
Configuring a protection profile for inline topologies
Configuring a protection profile for an out-of-band topology or asynchronous mode of
operation
Connecting to FortiGuard services
How often does Fortinet provide FortiGuard updates for FortiWeb?
Bulk changes to input validation rules
If you need to make the same change to multiple parameter validation rules, you can apply
some changes as a batch instead of individually.
To apply a batch of changes
1. Go to Web Protection > Input Validation > Parameter Validation Rule.
2. Mark the check boxes of all rules that will receive the same change. Additional buttons will
become available on the tool bar, such as Edit Action, Edit Trigger Policy, or Edit Severity.
If you do not want sensitive inputs such as passwords to appear in the attack logs’ packet
payloads, you can obscure them. For details, see “Obscuring sensitive data in the logs” on
page 552.