Fortinet 475 FortiWeb 5.0 Patch 6 Administration Guide
URL Access Select the name of the URL access policy, if any, that will be applied
to matching HTTP requests. See “Grouping access rules per
combination of URL & “Host:”” on page 324.
Attack log messages contain URL Access Violation when this
feature detects a URL matched by this policy.
Page Access Select the page access rule, if any, that defines the URLs that must
be accessed in a specific order. See “Enforcing page order that
follows application logic” on page 411.
Attack log messages contain Page Access Violation when this
feature detects an illegal request order.
This option appears only when Session Management is enabled.
Start Pages Select the start pages rule, if any, that represent legitimate entry
points into your web pages and web services. See “Specifying URLs
allowed to initiate sessions” on page 415.
Attack log messages contain Start Page Violation when this
feature detects a session attempting to initiate illegally.
This option appears only when Session Management is enabled.
Allow Method Select an existing allow method policy, if any, that will be applied to
matching HTTP requests. See “Specifying allowed HTTP methods”
on page 436.
Attack log messages contain HTTP Method Violation when this
feature detects a non-allowed HTTP request method.
IP List Select the name of a client white list or black list, if any, that will be
applied to matching requests. See “Blacklisting & whitelisting clients
individually by source IP” on page 335.
Geo IP Select the name of a geographically-based client black list, if any, that
will be applied to matching requests. See “Blacklisting countries &
regions” on page 331.
DoS Protection Select the name of an existing DoS prevention policy. For details, see
“Grouping DoS protection rules” on page 355.
IP Reputation Enable to apply IP reputation intelligence. See “Blacklisting source
IPs with poor reputation” on page 329.
Setting name Description