Fortinet 24 FortiWeb 5.0 Patch 6 Administration Guide
Block Period Source IP address of the client (depending on your
configuration of X-header rules (see “Defining your
proxies, clients, & X-headers” on page 266) this could be
derived from either the SRC f
ield in t
he IP header, or an
HTTP header such as X-Forwarded-For: or
X-Real-IP:)
IP List *
(individual client IP black list or
white list)
So
urce IP address of the client in the IP layer
Add X-Forwarded-For:
Add X-Real-IP:
Source IP address of the client in the HTTP layer
IP Reputation Source IP address of the client (depending on your
configura
tion of X-header rules (see “Defining your
proxies, clients, & X-headers” on page 266) this could be
derived from either the SRC f
ield in t
he IP header, or an
HTTP header such as X-Forwarded-For: or
X-Real-IP:)
Allow Known Search Engines Source IP address of the client in the IP layer
Geo IP Source IP address of the client in the IP layer
Host
(allowed/protected host name)
Host:
Allow Method • Host:
•
URL in HTTP
header
• Request method in HTTP header
HTTP Request Limit/sec • Cookie:
•
Se
ssion state
• Responses from the JavaScript browser tests, if any
Session Management • Cookie:
•
Se
ssion state
TCP Connection Number Limit
(Malicious IP)
Sour
ce IP address of the client (depending on your
configura
tion of X-header rules (see “Defining your
proxies, clients, & X-headers” on page 266) this could be
derived from either the SRC f
ield in t
he IP header, or an
HTTP header such as X-Forwarded-For: or
X-Real-IP:)
HTTP Request Limit/sec
(HTTP Flood Prevention)
• Cookie:
• Session state
• URL in the HTTP header
Table 1: Execution sequence (web protection profile)
Scan/action Involves