Fortinet 494 FortiWeb 5.0 Patch 6 Administration Guide
Web Protection Profile
Select the profile to apply to the connections accepted by this policy,
or select Create New to add a new profile in a pop-up window,
without leaving the current page.
For details on specific protection profiles, see:
• “Configuring a protection profile for inline topologies” on
page 468,
• “Configuring a protection profile for an out-of-band topology or
asynchronous mode of operation” on page 477, or
Note: Depending on the profile types that the current operation mode
supports, not all profiles may be available. For details, see Table 42
on page 463.
Note: Clients with source IP addresses designated as a trusted IP are
exempt from being blocked by the protection profile. For details, see
“Blacklisting & whitelisting clients individually by source IP” on
page 335.
View Profile Details
To display the settings contained in a profile without leaving the
current page, select a profile from Web Protection Profile, then click
this button.
To return to the policy settings, click Back to Policy Settings.
WAF Auto Learn Profile
Select the auto-learning profile, if any, to use in order to discover
attacks, URLs, and parameters in your web servers’ HTTP sessions,
or select Create New to add a new auto-learning profile in a pop-up
window, without leaving the current page. For details, see
“Configuring an auto-learning profile” on page 177.
Monitor Mode
Enable to override any actions included in the profiles, and instead
accept the request and generate an alert email and/or log message
for all policy violations.
Auto-learning requires that you either configure all actions to be Alert
or enable this option, so that it can collect complete session
information and build accurate protection profiles.
Caution: Enabling this action will cause the FortiWeb appliance to
permit attack attempts to complete, ignoring the Action setting (deny,
redirect, etc.) in protection profile components.
Note: Logging and/or alert email will occur only if enabled and
configured. See “Logging” on page 542 and “Alert email” on
page 576.
Note: This option does not affect real browser enforcement. See
“Preventing automated requests” on page 357.
URL Case Sensitivity
Enable to differentiate uniform resource locators (URLs) according to
upper case and lower case letters for features that act upon the URLs
in the headers of HTTP requests, such as start page rules, IP list
rules, and page access rules.
For example, when this option is enabled, an HTTP request involving
http://www.Example.com/ would not match profile features that
specify http://www.example.com (difference is lower case "e").
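Added example (not from the Fortinet guide, and not FortiWeb's matching code): a Python check that lists logged requests whose URL matches a rule URL only when case is ignored, which are the requests that would fall outside that rule once URL Case Sensitivity is enabled. The rule URLs, the log format and the function names are assumptions made for the illustration, and rules are modelled as literal paths.

```python
# Added example: models literal URL rules only; not FortiWeb's matching engine.
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed rule URLs, standing in for start page / page access rule entries.
RULE_URLS = ["/index.html", "/admin/login.php"]

# Constructed access-log lines: client IP, method, request URL, status.
SAMPLE_LOG = """\
192.0.2.10 GET /index.html 200
192.0.2.11 GET /Admin/Login.php 200
192.0.2.11 GET /ADMIN/login.php?next=%2F 200
192.0.2.12 GET /images/logo.png 200
192.0.2.13 POST /admin/login.php 302
"""

def url_matches(rule, url, case_sensitive):
    """Compare a rule URL with a request URL path, ignoring the query string."""
    path = urlsplit(url).path
    if case_sensitive:
        return path == rule
    return path.lower() == rule.lower()

def case_only_variants(rule_urls, log_text):
    """Return {rule: [(client, url), ...]} for requests that match a rule
    when case is ignored but not when case is significant."""
    found = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines
        client, _method, url, _status = fields
        for rule in rule_urls:
            if url_matches(rule, url, False) and not url_matches(rule, url, True):
                found[rule].append((client, url))
    return dict(found)

if __name__ == "__main__":
    for rule, hits in case_only_variants(RULE_URLS, SAMPLE_LOG).items():
        for client, url in hits:
            print(f"{rule}: {client} requested {url}")
```

A non-empty result for a rule means clients are already requesting case variants of that URL, so review how the back-end web server treats case before enabling the option for that policy.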