Fortinet black logo

Handbook

Configuring WAF Exception objects

Configuring WAF Exception objects

Exceptions identify specific hosts or URL patterns that are not subject to processing by WAF rules.

Before you begin:

  • You must have Read-Write permission for Security settings.

After you have created an exception object, you can specify it in WAF profiles and individual WAF feature rules.

To configure an exception object:
  1. Go to Web Application Firewall > WAF Profile.
  2. Click the Exceptions tab.
  3. Click Create New to display the configuration editor.
  4. Complete the configuration as described in WAF Exception objects.
  5. Save the configuration.

WAF Exception objects

Settings Guidelines

Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

After you initially save the configuration, you cannot edit the name.

Exception Host Status

Enable/disable setting exceptions by host pattern.
Exception Host Matching string. Regular expressions are supported. For example, you can specify www.example.com, *.example.com, or www.example.* to match a literal host pattern or a wildcard host pattern.
Exception URL

Matching string. Must begin with a URL path separator (/). Regular expressions are supported. For example, you can specify pathnames and files with expressions like \/admin, .*\/data\/1.html, or \/data.*.

Configuring WAF Exception objects

Exceptions identify specific hosts or URL patterns that are not subject to processing by WAF rules.

Before you begin:

  • You must have Read-Write permission for Security settings.

After you have created an exception object, you can specify it in WAF profiles and individual WAF feature rules.

To configure an exception object:
  1. Go to Web Application Firewall > WAF Profile.
  2. Click the Exceptions tab.
  3. Click Create New to display the configuration editor.
  4. Complete the configuration as described in WAF Exception objects.
  5. Save the configuration.

WAF Exception objects

Settings Guidelines

Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

After you initially save the configuration, you cannot edit the name.

Exception Host Status

Enable/disable setting exceptions by host pattern.
Exception Host Matching string. Regular expressions are supported. For example, you can specify www.example.com, *.example.com, or www.example.* to match a literal host pattern or a wildcard host pattern.
Exception URL

Matching string. Must begin with a URL path separator (/). Regular expressions are supported. For example, you can specify pathnames and files with expressions like \/admin, .*\/data\/1.html, or \/data.*.