Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Handbook

    Home FortiADC 6.1.2 Handbook
    6.1.2
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.1
    6.0.0
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.1
    5.3.0
    5.2.7

    Web Anti-Defacement

    Web Anti-Defacement

    The Web Anti-Defacement feature examines a website’s files for changes at specified time intervals. If it detects a change that could indicate a defacement attack, it will notify you and quickly react by automatically restoring the website contents to the previous backup.

    To configure a Web Anti-Defacement policy:
    1. Go to Web Application Firewall> Web Anti-Defacement.
    2. Click Create New to display the configuration editor.
    3. Complete the configuration.
    4. Click Test Connection to test the connection between the FortiADC and the web server.
    5. Save the configuration.

    Settings

    Guidelines

    Name

    		Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces. After you initially save the configuration, you cannot edit the name.

    Description

    		A string to describe the purpose of the configuration, to help you and other administrators more easily identify its use.

    Monitor

    		Enable/Disable to monitor the website’s files for changes, and to download backup revisions for reverting the website to its previous revision.

    Host Name/IP Address

    		 Type the IP address or FQDN of the web server.

    Connection Type

    Select which protocol to use when connecting to the website in order to monitor its contents and download website backups.

    • FTP
    • SSH

    Port

    		 Enter the TCP port number on which the website’s real server listens. The standard port number for FTP is 21; the standard port number for SSH is 22. The valid range is 1 to 65535.

    Folder of Web Site

    		 Type the path to the website’s folder, such as public_html or wwwroot, on the real server. The path is relative to the initial location when logging in with the user name that you specify in Username.

    Username

    		Enter the user name that the FortiADC will use to log in to the website’s real server.

    Password

    		Enter the password for the username you entered

    Monitor Interval for Root Folder

    Enter the time interval in seconds between each monitoring connection from the FortiADC to the web server. During this connection, the FortiADC examines Folder of Web Site(but not its subfolders) to see if any files have changed by comparing the files with the latest backup. If it detects any file changes, FortiADC will download a new backup revision. If you have enabled Restore in Automatic Action, FortiADC will revert the files to their previous version.

    The valid range is 1 to 86400 seconds and default value is 600 seconds.

    Moniter Interval for Other Folder

    Enter the time interval in seconds between each monitoring connection from the FortiADC to the web server. During this connection, the FortiADC examines subfolders to see if any files have been changed by comparing the files with the latest backup.

    If it detects any file changes, the FortiADC will download a new backup revision. If you have enabled Restore in Automatic Action, FortiADC will revert the files to their previous version.

    The valid range is 1 to 86400 seconds and default value is 600 seconds.

    Skip Files Larger Than

    Type a file size limit in kilobytes (KB) to indicate which files will be included in the website backup. Files exceeding this size will not be backed up. The valid range is 1 to 102400 KB and the default file size limit is 10240 KB.

    Note: Backing up large files can impact performance.

    Skip Files with these Extensions

    Type zero or more file extensions, such as iso, avi, to exclude from the website backup. Separate each file extension with a comma.

    Note: Backing up large files, such as video and audio, can impact performance.

    Automatic Action

    Select to decide which action will be excuted when the FortiADC detects file changes.

    • Disable - Accept changes and record the change in “Total Changed” table when FortiADC detects that the web site has been changed. You can manually restore the web site to a previous revision.
    • Acknowledge - Automatically accept changes to the web site when FortiADC detects that the web site has been changed
    • Restore - Enable to automatically restore the web site to the previous revision number when FortiADC detects that the website has been changed.

    Accepting or reverting changed files

    The anti-defacement feature maintains a list of files that have changed for each website it monitors. You can use this list to review, accept, and revert the changes.

    To restore all the website files, use Automatic Action - Restore.

    Alternatively, to automatically acknowledge all changes to files (for example, if you are updating the website), use Automatic Action - Acknowledge.

    To accept or revert changed files:
    1. Go to Web Application Firewall > Web Anti-Defacement. For the appropriate website, click the value in the Total Changed column.
    2. Do one of the following:
      1. Select an item in the list, and then click the Acknowledge icon to accept the individual change. FortiADC clears the item from the list.
      2. Select an item in the list, and then click the Revert to icon. In the list of previous versions, click the Revert to this version icon for the version to revert to. FortiADC adds this revert action as a new version in the list.
    Previous
    Next

    Web Anti-Defacement

    Web Anti-Defacement

    The Web Anti-Defacement feature examines a website’s files for changes at specified time intervals. If it detects a change that could indicate a defacement attack, it will notify you and quickly react by automatically restoring the website contents to the previous backup.

    To configure a Web Anti-Defacement policy:
    1. Go to Web Application Firewall> Web Anti-Defacement.
    2. Click Create New to display the configuration editor.
    3. Complete the configuration.
    4. Click Test Connection to test the connection between the FortiADC and the web server.
    5. Save the configuration.

    Settings

    Guidelines

    Name

    		Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces. After you initially save the configuration, you cannot edit the name.

    Description

    		A string to describe the purpose of the configuration, to help you and other administrators more easily identify its use.

    Monitor

    		Enable/Disable to monitor the website’s files for changes, and to download backup revisions for reverting the website to its previous revision.

    Host Name/IP Address

    		 Type the IP address or FQDN of the web server.

    Connection Type

    Select which protocol to use when connecting to the website in order to monitor its contents and download website backups.

    • FTP
    • SSH

    Port

    		 Enter the TCP port number on which the website’s real server listens. The standard port number for FTP is 21; the standard port number for SSH is 22. The valid range is 1 to 65535.

    Folder of Web Site

    		 Type the path to the website’s folder, such as public_html or wwwroot, on the real server. The path is relative to the initial location when logging in with the user name that you specify in Username.

    Username

    		Enter the user name that the FortiADC will use to log in to the website’s real server.

    Password

    		Enter the password for the username you entered

    Monitor Interval for Root Folder

    Enter the time interval in seconds between each monitoring connection from the FortiADC to the web server. During this connection, the FortiADC examines Folder of Web Site(but not its subfolders) to see if any files have changed by comparing the files with the latest backup. If it detects any file changes, FortiADC will download a new backup revision. If you have enabled Restore in Automatic Action, FortiADC will revert the files to their previous version.

    The valid range is 1 to 86400 seconds and default value is 600 seconds.

    Moniter Interval for Other Folder

    Enter the time interval in seconds between each monitoring connection from the FortiADC to the web server. During this connection, the FortiADC examines subfolders to see if any files have been changed by comparing the files with the latest backup.

    If it detects any file changes, the FortiADC will download a new backup revision. If you have enabled Restore in Automatic Action, FortiADC will revert the files to their previous version.

    The valid range is 1 to 86400 seconds and default value is 600 seconds.

    Skip Files Larger Than

    Type a file size limit in kilobytes (KB) to indicate which files will be included in the website backup. Files exceeding this size will not be backed up. The valid range is 1 to 102400 KB and the default file size limit is 10240 KB.

    Note: Backing up large files can impact performance.

    Skip Files with these Extensions

    Type zero or more file extensions, such as iso, avi, to exclude from the website backup. Separate each file extension with a comma.

    Note: Backing up large files, such as video and audio, can impact performance.

    Automatic Action

    Select to decide which action will be excuted when the FortiADC detects file changes.

    • Disable - Accept changes and record the change in “Total Changed” table when FortiADC detects that the web site has been changed. You can manually restore the web site to a previous revision.
    • Acknowledge - Automatically accept changes to the web site when FortiADC detects that the web site has been changed
    • Restore - Enable to automatically restore the web site to the previous revision number when FortiADC detects that the website has been changed.

    Accepting or reverting changed files

    The anti-defacement feature maintains a list of files that have changed for each website it monitors. You can use this list to review, accept, and revert the changes.

    To restore all the website files, use Automatic Action - Restore.

    Alternatively, to automatically acknowledge all changes to files (for example, if you are updating the website), use Automatic Action - Acknowledge.

    To accept or revert changed files:
    1. Go to Web Application Firewall > Web Anti-Defacement. For the appropriate website, click the value in the Total Changed column.
    2. Do one of the following:
      1. Select an item in the list, and then click the Acknowledge icon to accept the individual change. FortiADC clears the item from the list.
      2. Select an item in the list, and then click the Revert to icon. In the list of previous versions, click the Revert to this version icon for the version to revert to. FortiADC adds this revert action as a new version in the list.
    Previous
    Next