Fortinet 5.0 Patch 6 Microscope & Magnifier User Manual


 
Fortinet 195 FortiWeb 5.0 Patch 6 Administration Guide
The Name column contains the name of the parameter, exactly as it was observed in the
parameter or (for parameters extracted by URL replacers) within the URL.
Percentages in the Type Match and Required columns indicate how likely it is that the parameter
with that name is of that exact data type, and whether or not the web application requires that input
for that URL. The Min. Length and Max. Length columns indicate the likely valid range of length
for that input’s value. The Avg. Length column indicates the average length for that input’s
value. Together, the columns provide information on what is likely the correct configuration of a
profile for that URL.
For example, if Max. Length is 255 but Min. Length is 63 and Avg. Length is 64, before
generating a protection profile, you may want to investigate to determine whether 255 is indeed
an appropriate maximum input length, since it deviates so much from the norm. In this case, the
intended minimum and maximum length might really be 63, but a single malicious observed
input had a maximum length of 255.
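The check described above can be reproduced outside the appliance on exported or logged parameter values. The following is an added example, not FortiWeb code or its estimation algorithm: the function names, the constructed sample data, and the "longer than 3x the median length" rule are assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import median


def length_report(observations, ratio=3.0):
    """Summarise value lengths per parameter name.

    observations: iterable of (param_name, value) pairs.
    ratio: assumed threshold; a value is suspect when its length
           exceeds ratio x the median length for that parameter.
    """
    by_name = defaultdict(list)
    for name, value in observations:
        by_name[name].append(value)

    report = {}
    for name, values in by_name.items():
        lengths = sorted(len(v) for v in values)
        cutoff = ratio * median(lengths)
        typical = [n for n in lengths if n <= cutoff]
        report[name] = {
            "min": lengths[0],
            "max": lengths[-1],
            "avg": sum(lengths) / len(lengths),
            # Values to inspect by hand before accepting "max" as a rule.
            "suspect": [v for v in values if len(v) > cutoff],
            # Candidate maximum once the suspect values are set aside.
            "max_without_suspects": typical[-1] if typical else lengths[-1],
        }
    return report


def sample_observations():
    """Constructed sample: 'token' is normally 63-64 characters long,
    with one 255-character value; 'page' is a short numeric parameter."""
    obs = [("token", "a" * 63)] * 200 + [("token", "b" * 64)] * 299
    obs.append(("token", "c" * 255))
    obs += [("page", str(n)) for n in range(1, 41)]
    return obs


if __name__ == "__main__":
    for name, stats in length_report(sample_observations()).items():
        print(name, stats["min"], round(stats["avg"]), stats["max"],
              "suspect:", len(stats["suspect"]),
              "candidate max:", stats["max_without_suspects"])
```

A parameter with a non-empty suspect list is one where the suggested maximum length deserves a manual override rather than the default estimate.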
By default, when you generate a protection profile from auto-learning data, FortiWeb will use
these statistics to estimate appropriate input rules. However, if auto-learning suggestions are
not appropriate, you can manually override these estimates by using the Set icon and Custom
check box before generating a protection profile. For details, see “To configure a profile using
auto-learning data” on page 196.
Cookies tab
The Cookies tab provides tabular statistics on the name, value, expiry date, and associated URL
(path) of each cookie crumb that appeared in HTTP requests.
Cookies that you see in this table can be protected by enabling Cookie Poisoning Detection.
Figure 27: Auto-learning report Cookies tab
This tab appears only for hosts that use cookies, and for items that are leaf nodes in the
navigation tree; that is, they represent a single complete URL as it appeared in a real HTTP
request, and therefore could have had those exact cookies.
If the Name column contains part of a URL or the parameter’s value instead of its name, verify
the regular expression and back references used in your URL replacer.