Filter
Top Products
Fortinet 50 FortiWeb 5.0 Patch 6 Administration Guide
Unlike other administrator accounts, the administrator account named admin exists by default
and cannot be deleted. The admin administrator account is similar to a root administrator
account. This administrator account always has full permission to view and change all FortiWeb
configuration options, including viewing and changing all other administrator accounts. Its
name and permissions cannot be changed. It is the only administrator account that can reset
another administrator’s password without being required to enter that administrator’s existing
password.
For complete access to all commands and abilities, you mus
t
log in with the administrator
account named admin.
Web Protection
Configuration
Policy > Web Protection ...
W
eb Protection ...
DoS Protection ...
Web UI
wafgrp config system dos-prevention
config waf ex
cept
:
• config waf file-compress-rule
• config waf file-uncompress-rule
• config waf http-authen ...
• config waf url-rewrite ...
• config waf web-custom-robot
• config waf web-protection-profile
autolearning-profile
• config waf web-robot
• config waf x-forwarded-for
CLI
Web Vulnerability
Scan Configuration
Web Vulnerability Scan ... Web UI
wvsgrp config wvs ... CLI
* For each config co
mmand, there is an equivalent get/show command, unless
otherwise noted.
config access requires write permission.
get/show
acc
ess requires read permission.
Table 4: Areas of control in access profiles
Access profile
setting
Grants access to*
Set a strong password for the admin administrator account, and change the password
regularly. By default, this administrator account has no password. Failure to maintain the
password of the admin administrator account could compromise the security of your FortiWeb
appliance.