Fortinet 477 FortiWeb 5.0 Patch 6 Administration Guide
To view or modify a component without leaving the page, next to the drop-down menu
where you have selected the component, click Detail.
5. Click OK.
6. If you intend to use this protection profile in conjunction with an auto-learning profile in order
to indicate which attacks and other aspects should be discovered, also configure the
auto-learning profile. For details, see “Configuring an auto-learning profile” on page 177.
7. To apply the inline protection profile, select it in a server policy. For details, see “How
operation mode affects server policy behavior” on page 463.
See also
How operation mode affects server policy behavior
HTTP sessions & security
Configuring a server policy
Configuring a protection profile for an out-of-band topology or asynchronous mode of operation
Offline protection profiles combine previously configured rules, profiles, and policies into a
comprehensive set that can be applied by a policy. Offline protection profiles contain only the
features that are supported in out-of-band topologies and asynchronous inspection, which will
be used with operation modes such as transparent inspection and offline protection.
Offline protection profiles’ primary purpose is to detect attacks, especially for use in
conjunction with auto-learning profiles. Depending on the routing and network load, due to
limitations inherent to out-of-band topologies and asynchronous inspection, FortiWeb may not
be able to reliably block all of the attacks it detects, even if you have configured FortiWeb with
an Action setting of Alert & Deny. In fact, if used in conjunction with auto-learning profiles, you
Redirect URL With
Reason
Enable to include the reason for redirection as a parameter in the
URL, such as
reason=Parameter%20Validation%20Violation, when traffic
has been redirected using Redirect URL. The FortiWeb appliance also
adds fortiwaf=1 to the URL to detect and cancel a redirect loop (if
the redirect action would otherwise recursively triggers an attack
event).
By default, this option is disabled.
Caution: If the FortiWeb appliance is protecting a redirect URL,
enable this option to prevent infinite redirect loops.
Data Analytics Enable to gather hit, attack, and traffic volume statistics for each
server policy that includes this profile. See “Configuring policies to
gather data” on page 598 and “Viewing web site statistics” on
page 599.
Note: This option cannot be enabled until you have uploaded a
geography-to-IP mapping database. See “Updating data analytics
definitions” on page 598.
Setting name Description