Fortinet 468 FortiWeb 5.0 Patch 6 Administration Guide
To configure an error page
1. Using an HTML editor, create an HTML page that includes your chosen error message.
If you plan to display just one page, name it index.html. To use multiple pages such as with a
frame set, make sure the entry point is index.html. The pages may include external files such
as graphics and CSS if necessary.
2. Compress the page or pages and any accompanying graphics or auxiliary files into a .zip,
.gz, or .tgz archive.
The compressed file must not exceed 1 MB.
3. Go to Server Objects > Error Page > Error Page.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Web Protection Configuration category. For
details, see “Permissions” on page 47.
4. Click Create New.
A dialog appears.
5. In Name, type a name that can be referenced by other parts of the configuration. Do not use
spaces or special characters. The maximum length is 35 characters.
6. Click Browse and locate the compressed error message file you created.
7. Click OK.
Your web browser uploads the file. The FortiWeb appliance examines the file you select. It
will reject any file that does not meet all requirements for file naming, supported
compression format, and maximum size.
To preview the uploaded page, mark its check box in the list of custom error pages, then
click View in the tool bar. The error page will be displayed in the frame to the right of the web
UI navigation menu. To return to the list of error pages, click Return.
8. To apply an error page to blocked requests, select it from Error Page in a server policy (see
“Configuring a server policy” on page 483).
Configuring a protection profile for inline topologiesInline protection profiles combine previously configured rules, profiles, and policies into a
comprehensive set that can be applied by a policy. Inline protection profiles contain only the
features that are supported in inline topologies, which will be used with operation modes such
as reverse proxy and true transparent.
Inline protection profiles’ primary purpose is to block attacks, especially for use in conjunction
with auto-learning profiles. If used in conjunction with auto-learning profiles, you should