Fortinet 480 FortiWeb 5.0 Patch 6 Administration Guide
Session Timeout
    Type the HTTP session timeout in seconds. Once this much time has
    elapsed with no further requests, the FortiWeb appliance regards the
    next request as the start of a new HTTP session.
    This option appears only if Session Management is enabled. The default
    is 1200 (20 minutes).
Session Key Word
    Type the name of the session ID, if any, that your web application uses
    in the URL to identify each session.
    By default, FortiWeb tracks some common session ID names:
    ASPSESSIONID, PHPSESSIONID, and JSESSIONID. If your web application
    uses one of these, you do not need to configure this setting. Configure
    this field if your web application uses a custom or uncommon session ID.
    For example, in the following URL, a web application identifies its
    sessions using a parameter with the name mysession:
        page.php?mysession=123ABC&user=user1
    In that case, you must configure Session Key Word to be mysession so
    that FortiWeb can recognize the session ID, 123ABC, and apply features
    that require sessions in order to function.
    This option appears only if Session Management is enabled.
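The two settings above describe one mechanism: a session ID is read from a URL query parameter whose name is either one of the built-in defaults or the configured Session Key Word, and a gap of at least Session Timeout seconds between requests carrying the same ID starts a new session. The following Python model of that behaviour is an added example written for this guide; it is not FortiWeb code. The request list, the timestamps and the `SessionTracker` class are constructed for illustration, and the boundary choice (a gap equal to the timeout counts as expired) is an assumption.

```python
from urllib.parse import urlsplit, parse_qs

# Session ID names tracked without configuration (from the guide)
DEFAULT_SESSION_KEYS = ("ASPSESSIONID", "PHPSESSIONID", "JSESSIONID")
DEFAULT_TIMEOUT = 1200  # seconds (20 minutes), the guide's default


class SessionTracker:
    """Constructed model of session tracking by URL parameter plus idle timeout."""

    def __init__(self, timeout=DEFAULT_TIMEOUT, session_key_word=None):
        self.timeout = timeout
        # The configured Session Key Word, if any, is tracked in addition to the defaults
        self.keys = DEFAULT_SESSION_KEYS + ((session_key_word,) if session_key_word else ())
        self.last_seen = {}  # session ID -> timestamp of the most recent request

    def extract_session_id(self, url):
        """Return the session ID found in the URL query string, or None."""
        query = parse_qs(urlsplit(url).query)
        for key in self.keys:
            if key in query:
                return query[key][0]
        return None

    def observe(self, timestamp, url):
        """Record one request; return (session_id, is_new_session).

        A request with no recognisable session ID yields (None, False).
        A request whose ID was last seen at least `timeout` seconds ago is
        treated as the start of a new session (assumed boundary behaviour)."""
        sid = self.extract_session_id(url)
        if sid is None:
            return None, False
        previous = self.last_seen.get(sid)
        is_new = previous is None or timestamp - previous >= self.timeout
        self.last_seen[sid] = timestamp
        return sid, is_new


# Constructed request log: (seconds since start, request URL)
CONSTRUCTED_REQUESTS = [
    (0,    "/page.php?mysession=123ABC&user=user1"),
    (600,  "/page.php?mysession=123ABC&user=user1"),   # 600 s idle: same session
    (2000, "/page.php?mysession=123ABC&user=user1"),   # 1400 s idle: new session
    (2010, "/cart.jsp?JSESSIONID=ZZ99"),               # default key, no config needed
    (2020, "/static/logo.png"),                        # no session ID at all
]


def run_demo(session_key_word="mysession", timeout=DEFAULT_TIMEOUT):
    """Replay the constructed log and return the per-request decisions."""
    tracker = SessionTracker(timeout, session_key_word)
    return [tracker.observe(ts, url) for ts, url in CONSTRUCTED_REQUESTS]


if __name__ == "__main__":
    for (ts, url), (sid, is_new) in zip(CONSTRUCTED_REQUESTS, run_demo()):
        print(f"{ts:5d}s {url:45s} session={sid} new={is_new}")
```

Running `run_demo()` with `session_key_word=None` shows the point of the setting: the `mysession` requests are no longer attributed to any session, so session-dependent features would have nothing to work with, while the JSESSIONID request is still recognised by default.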
Signature
    Select the name of the signature set, if any, that will be applied to
    matching requests.
    Attack log messages for this feature vary by which type of attack was
    detected. For a list, see "Blocking known attacks & data leaks" on
    page 387.
    Note: If a WAF Auto Learning Profile will be selected in the policy with
    this profile, you should select a signature set whose Action is Alert. If
    the Action is Alert & Deny, the FortiWeb appliance will reset the
    connection when it detects an attack, resulting in incomplete session
    information for the auto-learning feature.
Enable AMF3 Protocol Detection
    Enable to scan requests that use Action Message Format 3.0 (AMF3) for:
    - cross-site scripting (XSS) attacks
    - SQL injection attacks
    - common exploits
    - any other attack signatures that you have enabled in Signature
    AMF3 is a binary format that can be used by Adobe Flash/Flex clients to
    send input to server-side software.
    Caution: To scan for attacks or enforce input rules on AMF3, you must
    enable this option. If it is not enabled, the FortiWeb appliance cannot
    scan AMF3 requests for attacks.
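The caution above exists because AMF3 is binary: a signature engine that only looks at the raw request body cannot see individual parameter values, and AMF3 never repeats a string it has already sent (it emits a reference into a string table instead). The following Python example, added here and not part of FortiWeb or this guide, implements just enough of the AMF3 encoding (U29 integers, inline strings, string references, booleans) to decode a constructed request body and run a small set of constructed regular-expression signatures over each decoded string value. The signatures and the body are illustrative; the real signature set is not shown in this guide.

```python
import re

# AMF3 type markers (the subset this constructed example handles)
UNDEFINED, NULL, FALSE, TRUE, INTEGER, STRING = 0x00, 0x01, 0x02, 0x03, 0x04, 0x06


def read_u29(buf, pos):
    """Decode an AMF3 U29 integer at buf[pos]: up to three bytes of 7 data bits
    with a 0x80 continuation flag, then an optional fourth byte of 8 data bits.
    Returns (value, next_position)."""
    value = 0
    for i in range(4):
        if pos + i >= len(buf):
            raise ValueError("truncated U29 at offset %d" % pos)
        b = buf[pos + i]
        if i < 3:
            value = (value << 7) | (b & 0x7F)
            if not b & 0x80:
                return value, pos + i + 1
        else:
            value = (value << 8) | b
    return value, pos + 4


def write_u29(value):
    """Encode a non-negative integer below 2**29 as AMF3 U29 (used to build samples)."""
    if not 0 <= value < (1 << 29):
        raise ValueError("value out of U29 range")
    if value < 0x80:
        return bytes([value])
    if value < 0x4000:
        return bytes([0x80 | (value >> 7), value & 0x7F])
    if value < 0x200000:
        return bytes([0x80 | (value >> 14), 0x80 | ((value >> 7) & 0x7F), value & 0x7F])
    return bytes([0x80 | (value >> 22), 0x80 | ((value >> 15) & 0x7F),
                  0x80 | ((value >> 8) & 0x7F), value & 0xFF])


def encode_string(s):
    """Inline AMF3 string: marker, U29 of (byte_length << 1) | 1, UTF-8 bytes."""
    data = s.encode("utf-8")
    return bytes([STRING]) + write_u29((len(data) << 1) | 1) + data


def encode_string_ref(index):
    """AMF3 string reference: marker, U29 of (table_index << 1); no bytes repeated."""
    return bytes([STRING]) + write_u29(index << 1)


def decode_values(buf):
    """Decode a flat sequence of AMF3 values, maintaining the string reference table."""
    pos, out, string_table = 0, [], []
    while pos < len(buf):
        marker = buf[pos]
        pos += 1
        if marker in (UNDEFINED, NULL):
            out.append(None)
        elif marker in (FALSE, TRUE):
            out.append(marker == TRUE)
        elif marker == INTEGER:
            value, pos = read_u29(buf, pos)
            if value & 0x10000000:          # 29-bit two's complement sign bit
                value -= 0x20000000
            out.append(value)
        elif marker == STRING:
            header, pos = read_u29(buf, pos)
            if header & 1:                   # inline string follows
                length = header >> 1
                if pos + length > len(buf):
                    raise ValueError("truncated string at offset %d" % pos)
                s = buf[pos:pos + length].decode("utf-8")
                pos += length
                if s:                        # empty strings are never added to the table
                    string_table.append(s)
            else:                            # reference to an earlier string
                index = header >> 1
                if index >= len(string_table):
                    raise ValueError("bad string reference %d" % index)
                s = string_table[index]
            out.append(s)
        else:
            raise ValueError("unsupported AMF3 marker 0x%02x at offset %d" % (marker, pos - 1))
    return out


# Constructed signatures for the demo; not FortiWeb's signature set
SIGNATURES = {
    "xss_script_tag": re.compile(r"<\s*script", re.I),
    "sqli_union_select": re.compile(r"\bunion\s+select\b", re.I),
}


def scan_amf3_body(buf, signatures=SIGNATURES):
    """Decode the body and return (value, signature_name) for each matching string."""
    hits = []
    for value in decode_values(buf):
        if isinstance(value, str):
            for name, pattern in signatures.items():
                if pattern.search(value):
                    hits.append((value, name))
    return hits


# Constructed body: user name, integer, injection string, a reference to that
# same string (its bytes are not repeated), and a boolean.
INJECTION = "x' UNION SELECT password FROM users--"
CONSTRUCTED_BODY = (encode_string("user1") + bytes([INTEGER]) + write_u29(42)
                    + encode_string(INJECTION) + encode_string_ref(1) + bytes([TRUE]))


def raw_byte_matches(buf=CONSTRUCTED_BODY):
    """What a scanner that ignores AMF3 structure sees: a single literal copy."""
    return buf.count(b"UNION SELECT")
```

Decoding yields five values, two of which are the injection string, so `scan_amf3_body` reports two hits, while `raw_byte_matches` finds only one literal occurrence in the body. Real FortiWeb parsing covers the full AMF3 object model (arrays, objects, dates, references of all kinds); this example stops at scalars to show the structural reason the option is needed.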
Enable XML Protocol Detection
    Enable to scan for matches with attack and data leak signatures in Web
    2.0 (XML AJAX) and other XML submitted by clients in the bodies of
    HTTP POST requests.
Setting name Description