Fortinet 51 FortiWeb 5.0 Patch 6 Administration Guide
See also
Configuring access profiles
Administrators
Trusted hosts

Trusted hosts

As their name implies, trusted hosts are assumed to be (to a reasonable degree) safe sources of
administrative login attempts.
Configuring the trusted hosts of your administrator accounts (Trusted Host #1, Trusted Host #2,
and Trusted Host #3) hardens the security of your FortiWeb appliance by further restricting
administrative access. In addition to knowing the password, an administrator must connect only
from the computer or subnets you specify. The FortiWeb appliance will not allow logins for that
account from any other IP addresses. If all administrator accounts are configured with specific
trusted hosts, FortiWeb will ignore login attempts from all other computers. This eliminates the
risk that FortiWeb could be compromised by a brute force login attack from an untrusted
source.
Trusted host definitions apply both to the web UI and to the CLI when accessed through Telnet,
SSH, or the CLI Console widget. Local console access is not affected by trusted hosts, as the
local console is by definition not remote, and does not occur through the network.
Relatedly, you can white-list trusted end-user IP addresses. End users do not log in to the
web UI, but their connections to protected web servers are normally subject to protective scans
by FortiWeb unless the clients are trusted. See “Blacklisting & whitelisting clients individually by
source IP” on page 335.
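
The condition described above, that FortiWeb ignores other computers only when all administrator accounts have specific trusted hosts, can be checked against a list of accounts. The following Python sketch is an added example, not Fortinet code; the account names and addresses are constructed, and it assumes an entry with a prefix length of 0 matches every source address.

```python
import ipaddress

# Constructed sample: account names and addresses are hypothetical.
# Each account carries up to three trusted host entries, as in the web UI.
ADMINS = {
    "admin":   ["192.0.2.0/24", "198.51.100.10/32", "0.0.0.0/0"],
    "auditor": ["192.0.2.0/24"],
    "backup":  ["203.0.113.5/32", "203.0.113.6/32"],
}

def _nets(entries):
    # strict=False tolerates entries written as host address plus mask
    return [ipaddress.ip_network(e, strict=False) for e in entries]

def unrestricted_accounts(admins):
    """Accounts with an entry whose prefix length is 0 (matches any source)."""
    return sorted(a for a, e in admins.items()
                  if any(n.prefixlen == 0 for n in _nets(e)))

def accounts_reachable_from(admins, source_ip):
    """Accounts whose trusted hosts include source_ip (password still required)."""
    ip = ipaddress.ip_address(source_ip)
    return sorted(a for a, e in admins.items()
                  if any(n.version == ip.version and ip in n for n in _nets(e)))

def appliance_ignores(admins, source_ip):
    """True only when no account lists source_ip as trusted."""
    return not accounts_reachable_from(admins, source_ip)

def effective_sources(admins):
    """Collapsed IPv4 ranges from which any administrative login is possible."""
    v4 = [n for e in admins.values() for n in _nets(e) if n.version == 4]
    return [str(n) for n in ipaddress.collapse_addresses(v4)]

if __name__ == "__main__":
    print("unrestricted:", unrestricted_accounts(ADMINS))
    print("ignored 203.0.113.99:", appliance_ignores(ADMINS, "203.0.113.99"))
    print("effective sources:", effective_sources(ADMINS))
```

A single account left with a match-all entry keeps the whole appliance reachable for login attempts from any address, which is why the check reports accounts individually as well as the combined source ranges.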
See also
Administrators
Configuring access profiles
Permissions

Maximum concurrent administrator sessions

If single administrator mode is enabled, you will not be able to log in while any other account is
logged in. You must either wait for the other person to log out, or power cycle the appliance.
For details, see “Enable Single Admin User login” on page 54.

Global web UI & CLI settings

Some settings for connections to the web UI and CLI apply regardless of which administrator
account you use to log in.

To configure administrator settings
1. Go to System > Admin > Settings.
To access this part of the web UI, your administrator's account access profile must have
Read and Write permission to items in the System Configuration category. For details, see
“Permissions” on page 47.