Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiADC 5.4.0 CLI Reference
    5.4.0
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.2
    6.0.1
    6.0.0
    5.4.5
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.0
    4.8.1
    4.7.0

    config security waf bot-detection

    config security waf bot-detection

    Use this command to configure bot detection policies. Bot detection policies use heuristics to detect client traffic likely to be generated by robots instead of genuine clients. You can use predefined blacklists and whitelists to get started. You can use the user-specified whitelist table to fine-tune detection.

    Before you begin:

    • You must have read-write permission for security settings.

    After you have created a bot detection policy, you can specify it in a WAF profile configuration.

    Syntax

    config security waf bot-detection

    edit <name>

    set status {enable|disable}

    set bad-robot {enable|disable}

    set search-engine-crawler {enable|disable}

    set search-engine list [Ask|Baidu|Bing|DuckDuckGo|Google|Sogou|Yahoo|Yandex ]

    set action {datasource}

    set http-request-rate <integer>

    set severity {high|low|medium}

    config whitelist

    edit <No.>

    set cookie-name-pattern <string>

    set ip <subnet>

    set url-pattern <string>

    set url-parameter-name-pattern <string>

    set user-agent-pattern <string>

    next

    end

    next

    end

    status

    		 Enable/disable bot detection.

    bad-robot

    		 Enable/disable the predefined bad robot blacklist.

    search-engine-crawler

    		 Enable/disable the predefined search engine spider whitelist.

    search-engine-list

    Set list of search engines. Default value is all search engines.

    action

    		 Specify a WAF action object.

    http-request-rate

    		 The default is 0 (off). The valid range is 0-100,000,000 requests per second.

    severity
    • high
    • medium
    • low
    config whitelist

    cookie-name-pattern

    Matching string. Regular expressions are supported.

    ip

    Matching subnet (CIDR format).

    url-pattern

    Matching string. Regular expressions are supported.

    url-parameter-name-pattern

    Matching string. Regular expressions are supported.

    user-agent-pattern

    Matching string. Regular expressions are supported.

    Example

    ADC-3 (root) # config security waf bot-detection

    ADC-3 (bot-detection) # edit waf-bot-detection-policy

    ADC-3 (waf-bot-detect~y) # get

    status : disable

    ADC-3 (waf-bot-detect~y) # set status enable

    ADC-3 (waf-bot-detect~y) # get

    status : enable

    search-engine-crawler : enable

    search-engine-list : Bing Google Yahoo

    bad-robot : enable

    http-request-rate : 0

    action :

    severity : low

    ADC-3 (waf-bot-detect~y) # config whitelist

    ADC-3 (whitelist) # edit 1

    ADC-3 (1) # get

    ip : 0.0.0.0/0

    url-pattern :

    url-parameter-name-pattern :

    user-agent-pattern :

    cookie-name-pattern :

    ADC-3 (1) # set ip 10.1.1.0/24

    ADC-3 (1) # end

    ADC-3 (waf-bot-detect~y) # end

    Previous
    Next

    config security waf bot-detection

    config security waf bot-detection

    Use this command to configure bot detection policies. Bot detection policies use heuristics to detect client traffic likely to be generated by robots instead of genuine clients. You can use predefined blacklists and whitelists to get started. You can use the user-specified whitelist table to fine-tune detection.

    Before you begin:

    • You must have read-write permission for security settings.

    After you have created a bot detection policy, you can specify it in a WAF profile configuration.

    Syntax

    config security waf bot-detection

    edit <name>

    set status {enable|disable}

    set bad-robot {enable|disable}

    set search-engine-crawler {enable|disable}

    set search-engine list [Ask|Baidu|Bing|DuckDuckGo|Google|Sogou|Yahoo|Yandex ]

    set action {datasource}

    set http-request-rate <integer>

    set severity {high|low|medium}

    config whitelist

    edit <No.>

    set cookie-name-pattern <string>

    set ip <subnet>

    set url-pattern <string>

    set url-parameter-name-pattern <string>

    set user-agent-pattern <string>

    next

    end

    next

    end

    status

    		 Enable/disable bot detection.

    bad-robot

    		 Enable/disable the predefined bad robot blacklist.

    search-engine-crawler

    		 Enable/disable the predefined search engine spider whitelist.

    search-engine-list

    Set list of search engines. Default value is all search engines.

    action

    		 Specify a WAF action object.

    http-request-rate

    		 The default is 0 (off). The valid range is 0-100,000,000 requests per second.

    severity
    • high
    • medium
    • low
    config whitelist

    cookie-name-pattern

    Matching string. Regular expressions are supported.

    ip

    Matching subnet (CIDR format).

    url-pattern

    Matching string. Regular expressions are supported.

    url-parameter-name-pattern

    Matching string. Regular expressions are supported.

    user-agent-pattern

    Matching string. Regular expressions are supported.

    Example

    ADC-3 (root) # config security waf bot-detection

    ADC-3 (bot-detection) # edit waf-bot-detection-policy

    ADC-3 (waf-bot-detect~y) # get

    status : disable

    ADC-3 (waf-bot-detect~y) # set status enable

    ADC-3 (waf-bot-detect~y) # get

    status : enable

    search-engine-crawler : enable

    search-engine-list : Bing Google Yahoo

    bad-robot : enable

    http-request-rate : 0

    action :

    severity : low

    ADC-3 (waf-bot-detect~y) # config whitelist

    ADC-3 (whitelist) # edit 1

    ADC-3 (1) # get

    ip : 0.0.0.0/0

    url-pattern :

    url-parameter-name-pattern :

    user-agent-pattern :

    cookie-name-pattern :

    ADC-3 (1) # set ip 10.1.1.0/24

    ADC-3 (1) # end

    ADC-3 (waf-bot-detect~y) # end

    Previous
    Next