Fortinet 495 FortiWeb 5.0 Patch 6 Administration Guide
Error Page Select, if any, either [Default] to use or a custom error page, if any, to
use when responding to an HTTP request that violates the policy
when the consequence Action is Alert & Deny or Period Block, and
when the action applies to the HTTP layer. (Actions such as blocking
a TCP/IP connection being initiated cannot, of course, contain an
HTTP response.)
If you select [Default], configure Error Page Return Code and Error
Message. Otherwise see “Uploading a custom error page” on
page 467.
Error Page Return
Code
Type the HTTP status code that FortiWeb will use to respond to
blocked requests, such as:
•200 — OK. Typically indicates success, and accompanies
resource requested by the client.
•400 — Bad Request. Typically indicates wrong syntax.
•403 — Forbidden. Typically indicates inaccessible files.
•404 — File Not Found. Typically indicates missing files.
•500 — Internal Server Error. Typically indicates one of many
possible conditions such as a servlet runtime error.
•501 — Not Implemented. Typically indicates a non-existent
function on the web application.
If the error would normally allow an attacker to fingerprint a vulnerable
application, this status can be customized to provide a more vague
reply to the client. Conversely, if the application does not provide the
correct error status code, you can also use this setting to correct it.
This setting appears only if Error Page is [Default].
Error Message Type an error message that FortiWeb will use to respond to blocked
requests.
The maximum length is 1,023 characters. This option appears only
when Error Page is [Default].
Server Health
Check
Select which server health check, if any, to use when determining
responsiveness of web servers in the server farm, or select Create
New to add a server health check in a pop-up window, without
leaving the current page. For details, see “Configuring server
up/down checks” on page 254.
This option appears only if Deployment Mode is Server Balance, or
Content Routing.
Note: If a web server is unresponsive, wait until the server becomes
responsive again before disabling its server health check. Server
health checks record the up or down status of the server. If you
deactivate the server health check while the server is unresponsive,
the server health check will be unable to update the recorded status,
and FortiWeb appliance will continue to regard the web server as if it
were unresponsive. You can determine the web server’s connectivity
status using the Service Status widget or an SNMP trap. For details,
see “Server Status widget” on page 538 or “Configuring an SNMP
community” on page 581.
Setting name Description