Fortinet 452 FortiWeb 5.0 Patch 6 Administration Guide
4. If you want to apply this file upload restriction rule only to requests for specific web hosts:
•Enable Host Status.
•From Host, select the IP address or FQDN of a protected host.
Disable Host Status to match the file upload restriction rule based upon the other criteria,
such as the URL, but regardless of the Host: field
5. In Request URL, type the literal URL, such as /upload.php, to which the file upload
restriction applies. The URL must begin with a slash ( / ).
Do not include the name of the host, such as www.example.com, which is configured
separately in the Host drop-down list.
6. In File Upload Limit, type a number to represent the maximum size in kilobytes for any
individual file. The upload rule rejects allowed files larger than this number. The valid range is
from 0 to 5,120 KB (5 MB).
7. Click OK.
8. To add or remove file types, click Add File Types.
A dialog appears.
9. In the File Types pane, select the file types to allow, then click the right arrow (->) to move
them to the Allow Files Types pane.
10.Click OK.
11.Go to Web Protection > Input Validation > File Upload Restriction Policy.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Web Protection Configuration category. For
details, see “Permissions” on page 47.
12.Click Create New.
A dialog appears.
Microsoft Office Open XML file types such as .docx, xlsx, .pptx, and .vsdx are a type of
ZIP-compressed XML. If you specify restrictions for them, those signatures will take priority.
However, if you do not select a MSOOX restriction but do have an XML or ZIP restriction, the
XML and ZIP restrictions will still apply, and the files will still be restricted.