Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiADC 7.1.2 CLI Reference
    7.1.2
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.2
    6.0.1
    6.0.0
    5.4.5
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.0
    4.8.1
    4.7.0

    config load-balance captcha-profile

    config load-balance captcha-profile

    FortiADC allows administrators to validate incoming users with CAPTCHAs to determine whether a client is a regular user or an attacker. FortiADC can configure the WAF/DoS Policy to issue CAPTCHAs only to clients who meet the attack rules.

    Select a FortiADC default captcha profile from within the virtual server configuration or upload a customized captcha page if you want to use your own captcha verification page for when an WAF/DoS attack detected.

    Syntax

    config load-balance captcha-profile

    edit <captcha-profile-name>

    set vpath <string>

    set max-attempts <integer>

    set max-picture-changes <integer>

    set max-block-period <integer>

    set max-verify-period <integer>

    set max-valid-period <integer>

    set custom-captcha-page <enable/disable>

    set captcha-page-package <file-name>

    set picture-difficulty <hard/easy>

    end

    Paramter

    Description

    vpath

    		Virtual path of captcha function. This path is running on VS, so it will conflict with other configurations like errorpage’s vpath and custom auth page. String type, not empty, maximum length 63, the default value is “/fortiadc_captcha/”

    max-attempts

    		 Maximum attempts for Captcha verification. Integer type, range 1-100, default 5. The client will be blocked upon exceeding max attempts.

    max-picture-changes

    		 The maximum number of times you can change another picture. Integer type, range 1-100, default 5. Attempts to change pictures upon exceeding the maximum number of attempts will not be successful.

    picture-difficulty

    There are two difficulty levels that can be selected: easy and hard.

    Hard level picture may fight AI picture recognition, but may cause difficulty in human identification. Default value is hard.

    max-block-period

    The length of time to block client.

    Integer type, range 10-2592000, default 86400. Client will be reset to untracked state once time has elapsed.

    max-verify-period

    		 The longest verification time from captcha verify action start. Unit second, range 20-86400, default 1200. Exceed this time the client will be blocked.

    custom-captcha-page

    		 Enable/disable captcha page. The default is disabled. If disabled, the custom captcha package file option won’t be valid.

    captcha-page-package

    File package for the customized captcha page.

    The file package must include index.html file, and in the index page, it must include a tag called “%%FORTIADC_CAPTCHA_IFRAME%%”, that we will insert the verify page box on it.

    Note: This option is only available when custom-captcha-package is enabled.
    Previous
    Next

    config load-balance captcha-profile

    config load-balance captcha-profile

    FortiADC allows administrators to validate incoming users with CAPTCHAs to determine whether a client is a regular user or an attacker. FortiADC can configure the WAF/DoS Policy to issue CAPTCHAs only to clients who meet the attack rules.

    Select a FortiADC default captcha profile from within the virtual server configuration or upload a customized captcha page if you want to use your own captcha verification page for when an WAF/DoS attack detected.

    Syntax

    config load-balance captcha-profile

    edit <captcha-profile-name>

    set vpath <string>

    set max-attempts <integer>

    set max-picture-changes <integer>

    set max-block-period <integer>

    set max-verify-period <integer>

    set max-valid-period <integer>

    set custom-captcha-page <enable/disable>

    set captcha-page-package <file-name>

    set picture-difficulty <hard/easy>

    end

    Paramter

    Description

    vpath

    		Virtual path of captcha function. This path is running on VS, so it will conflict with other configurations like errorpage’s vpath and custom auth page. String type, not empty, maximum length 63, the default value is “/fortiadc_captcha/”

    max-attempts

    		 Maximum attempts for Captcha verification. Integer type, range 1-100, default 5. The client will be blocked upon exceeding max attempts.

    max-picture-changes

    		 The maximum number of times you can change another picture. Integer type, range 1-100, default 5. Attempts to change pictures upon exceeding the maximum number of attempts will not be successful.

    picture-difficulty

    There are two difficulty levels that can be selected: easy and hard.

    Hard level picture may fight AI picture recognition, but may cause difficulty in human identification. Default value is hard.

    max-block-period

    The length of time to block client.

    Integer type, range 10-2592000, default 86400. Client will be reset to untracked state once time has elapsed.

    max-verify-period

    		 The longest verification time from captcha verify action start. Unit second, range 20-86400, default 1200. Exceed this time the client will be blocked.

    custom-captcha-page

    		 Enable/disable captcha page. The default is disabled. If disabled, the custom captcha package file option won’t be valid.

    captcha-page-package

    File package for the customized captcha page.

    The file package must include index.html file, and in the index page, it must include a tag called “%%FORTIADC_CAPTCHA_IFRAME%%”, that we will insert the verify page box on it.

    Note: This option is only available when custom-captcha-package is enabled.
    Previous
    Next