Configuring WAF Action objects

Configure the action FortiADC takes when WAF conditions are met.

Before you begin:

  • You must have Read-Write permission for Security settings.

After you have created an action object, you can specify it in individual WAF feature rules.

To configure a WAF Action object:

1. Go to Web Application Firewall > WAF Profile.

2. Click the Action tab.

3. Click Create New to display the configuration editor.

4. Complete the configuration of WAF Action objects.

5. Save the configuration.

Settings Guidelines
Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

After you initially save the configuration, you cannot edit the name.

Action Type

Select the action FortiADC takes when the WAF conditions are fulfilled:

Pass—Allow the request.

Deny—Block the request.

Period Block—Deny all HTTP requests from a source IP for the period specified by Period Block.

Redirect—Send a redirect. You must specify the redirect URL.

Captcha—Requires the client to successfully fulfill the CAPTCHA request.

Deny Code

Specify the HTTP response code. Default: 403.

Valid values: 200, 202, 204, 205, 400, 403, 404, 406, 408, 410, 500, 501, 502, 503, 504

Note: This option is only available when the action type is Deny or Period Block.

Period Block

1-3600 seconds; Default: 60.

Note: This option is only available when the action type is Period Block.

Redirect URL

Specify the URL to which you want to redirect the request.

Note: This option is only available when the action type is Redirect.

Log Status

Enable or disable logging of events.

Comment

Enter a comment or description of the action for your records.
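
A pre-change check for the settings above, as an added example (not Fortinet code): it validates a proposed action object, represented as a Python dict with hypothetical key names, against the Name, Deny Code, Period Block and Redirect URL constraints in the table. Requiring an absolute http(s) redirect URL is an assumption of this example, not a documented rule.

```python
import re
from urllib.parse import urlsplit

# Constraints copied from the settings table on this page.
NAME_RE = re.compile(r"[A-Za-z0-9_-]+")
ACTION_TYPES = {"Pass", "Deny", "Period Block", "Redirect", "Captcha"}
DENY_CODES = {200, 202, 204, 205, 400, 403, 404, 406, 408, 410,
              500, 501, 502, 503, 504}
DEFAULTS = {"deny_code": 403, "period_block": 60}


def validate_action(obj):
    """Return problems in a proposed action object (dict; keys are hypothetical)."""
    errors = []
    # Fields left unset fall back to the documented defaults.
    cfg = {**DEFAULTS, **{k: v for k, v in obj.items() if v is not None}}
    kind = cfg.get("type")
    if not NAME_RE.fullmatch(str(cfg.get("name", ""))):
        errors.append("name: only A-Z, a-z, 0-9, _ and - are valid (no spaces)")
    if kind not in ACTION_TYPES:
        return errors + [f"type: unknown action type {kind!r}"]

    # Each option is only available for certain action types.
    applies = {
        "deny_code": kind in ("Deny", "Period Block"),
        "period_block": kind == "Period Block",
        "redirect_url": kind == "Redirect",
    }
    for field, ok in applies.items():
        if not ok and obj.get(field) is not None:
            errors.append(f"{field}: not available for action type {kind}")

    if applies["deny_code"] and cfg["deny_code"] not in DENY_CODES:
        errors.append(f"deny_code: {cfg['deny_code']} is not a selectable code")
    if applies["period_block"]:
        secs = cfg["period_block"]
        if not isinstance(secs, int) or not 1 <= secs <= 3600:
            errors.append("period_block: must be 1-3600 seconds")
    if applies["redirect_url"]:
        url = urlsplit(str(cfg.get("redirect_url", "")))
        # Absolute http(s) URL is this example's own check (assumption).
        if url.scheme not in ("http", "https") or not url.netloc:
            errors.append("redirect_url: an absolute http(s) URL is required")
    return errors


if __name__ == "__main__":
    # Constructed sample: a Deny object that carries a Period Block value.
    print(validate_action({"name": "blk-1", "type": "Deny", "period_block": 30}))
```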
