Fortinet 482 FortiWeb 5.0 Patch 6 Administration Guide
URL Access
Policy
Select the name of the URL access policy, if any, that will be applied to
matching requests. See “Grouping access rules per combination of URL
& “Host:”” on page 324.
Attack log messages contain URL Access Violation when this
feature detects a request that violates this policy.
Note: Do not select an URL access policy if this offline protection profile
will be used in a policy with WAF Auto Learning Profile. Selecting an
URL access policy will cause the FortiWeb appliance to reset the
connection when it detects a request with a blocked URL and Host:
field combination, resulting in incomplete session information for the
auto-learning feature.
Allow Request
Method Policy
Select an existing allowed method policy, if any, that will be applied to
matching requests. See “Specifying allowed HTTP methods” on
page 436.
Attack log messages contain HTTP Method Violation when this
feature detects a non-allowed HTTP request method.
Note: If a WAF Auto Learning Profile will be selected in a server policy
using this profile, you must enable the HTTP request methods that will
be used by sessions that you want the FortiWeb appliance to learn
about. If a method is disabled, the FortiWeb appliance will reset the
connection, and therefore cannot learn about the session.
Brute Force
Login
Select the name of a brute force login attack profile, if any, that will be
applied to matching requests. See “Preventing brute force logins” on
page 362.
Attack log messages contain Brute Force Login Violation when
this feature detects a brute force login attack.
IP List Policy Select the name of a client black list or white list, if any, that will be
applied to matching requests. See “Blacklisting & whitelisting clients
individually by source IP” on page 335.
Attack log messages contain Blacklisted IP blocked when this
feature detects a blacklisted source IP address.
Geo IP Select the name of a geographically-based client black list, if any, that
will be applied to matching requests. See “Blacklisting countries &
regions” on page 331.
IP Reputation Enable to apply IP reputation-based blacklisting. See “Blacklisting
source IPs with poor reputation” on page 329.
Setting name Description