Fortinet black logo

Handbook

Using the Signature Creation Wizard

Using the Signature Creation Wizard

The Signature Creation Wizard is a step-by-step tool available in the GUI that helps you configure a Web Attack Signature policy based on the database, web server, or web application you want to protect. Using your selections, the Signature Creation Wizard automatically compiles a list of the most applicable WAF Signatures for protecting your database, web server, or web application. You can then apply those WAF Signatures in a Web Attack Signature policy.

Alternatively, you can custom configure a Web Attack Signature policy without using the Signature Creation Wizard. For more information, see Configuring a Web Attack Signature policy.

To configure a Web Attack Signature using the Signature Creation Wizard:
  1. Go to Web Application Firewall > Known Web Attacks.
  2. Click the Web Attack Signature tab.
  3. Click Signature Wizard to display the configuration editor.
  4. From the Database tab, select the database(s) you want to protect. Click Next to navigate to the Web Server tab.
  5. From the Web Server tab, select the web server(s) you want to protect. Click Next to navigate to the Web Application tab, or click Back to navigate to the Database tab.
  6. From the Web Application tab, select the web application(s) you want to protect. Click Next to navigate to the Add Signature tab, or click Back to navigate to the Web Server tab.
  7. From the Add Signature tab, enter a name for your Web Attack Signature policy and click Save.
    The Category and Sub Category sections display the applicable WAF Signatures that you can apply to your policy.
  8. Click Apply to save your Web Attack Signature policy.
  9. Optionally, you can click Save and Edit Signature Details to apply WAF Exceptions where applicable.

Using the Signature Creation Wizard

The Signature Creation Wizard is a step-by-step tool available in the GUI that helps you configure a Web Attack Signature policy based on the database, web server, or web application you want to protect. Using your selections, the Signature Creation Wizard automatically compiles a list of the most applicable WAF Signatures for protecting your database, web server, or web application. You can then apply those WAF Signatures in a Web Attack Signature policy.

Alternatively, you can custom configure a Web Attack Signature policy without using the Signature Creation Wizard. For more information, see Configuring a Web Attack Signature policy.

To configure a Web Attack Signature using the Signature Creation Wizard:
  1. Go to Web Application Firewall > Known Web Attacks.
  2. Click the Web Attack Signature tab.
  3. Click Signature Wizard to display the configuration editor.
  4. From the Database tab, select the database(s) you want to protect. Click Next to navigate to the Web Server tab.
  5. From the Web Server tab, select the web server(s) you want to protect. Click Next to navigate to the Web Application tab, or click Back to navigate to the Database tab.
  6. From the Web Application tab, select the web application(s) you want to protect. Click Next to navigate to the Add Signature tab, or click Back to navigate to the Web Server tab.
  7. From the Add Signature tab, enter a name for your Web Attack Signature policy and click Save.
    The Category and Sub Category sections display the applicable WAF Signatures that you can apply to your policy.
  8. Click Apply to save your Web Attack Signature policy.
  9. Optionally, you can click Save and Edit Signature Details to apply WAF Exceptions where applicable.