Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiADC 7.2.2 CLI Reference
    7.2.2
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.2
    6.0.1
    6.0.0
    5.4.5
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.0
    4.8.1
    4.7.0

    config security wad profile

    config security wad profile

    Use this command to configure a security wad profile.

    Syntax

    config security wad profile

    edit <name>

    set description “anti-defacement profile” // default is blank

    set monitor [ enable | disable ] // default is disable

    *set host <ip-addr or hostname>

    *set connect-type [ ftp | ssh ]

    *set port <port-num>

    *set folder <folder-path>

    set user <user-name>

    set password <passwd> // should not show

    set interval-root <num> // unit is seconds

    set interval-other <num> // unit is seconds

    set monitor-depth <num>

    set skip-max-size <num> // unit is KB

    set skip-file-type <extension-name>

    set auto [ restore | acknowledge | disable ] // default disable

    end

    end

    config system alert-policy

    edit <policy-name>

    config alert-member

    edit <member-name>

    set SEC_Web_Page_Defacement_Detected // add new built-in alert-member

    end

    end

    config system alert

    edit <alert-name>

    set alert-source-type event

    set event SEC_Bot_Detected // add new event type

    set comments "Web page defacement is detected on virtual server"

    end

    description Description of WAD profile, default is blank.
    monitor Enable or disable defacement monitoring, default is disable.
    host The website's IPv4 address or hostname for connecting and monitoring.
    connect-type Connect type to host
    port Host port number
    folder Root directory path to perform monitoring
    user Username to connect to the host.
    password Password to connect to the host; shouldn't show.

    interval-root

    Monitor interval for files in root directory, unit is seconds.

    interval-other

    Monitor interval for files in subdirectories under root directory; unit is seconds.

    monitor-depth

    Maximum directory hierarchy depth that can be monitored.

    skip-max-size

    Skip monitoring files that have a size larger than the maximum number; unit is KB.

    skip-file-type

    Skip monitoring files that have the specified extension name.

    auto

    Restore—Automatically restore to the original content once defacement is found.

    Acknowledge—Automatically confirm the defacement and consider it as new original content

    Disable—Do not perform any automatic action. Default.

    Example

    ADC-6 # config security wad profile

    ADC-6 (profile) # edit 1

    ADC-6 (1) #

    ADC-6 (1) # set description "profile"

    ADC-6 (1) # set monitor enable

    ADC-6 (1) # set host 1.1.1.1

    ADC-6 (1) # set connect-type ftp

    ADC-6 (1) # set port 1

    ADC-6 (1) # set folder "folder"

    ADC-6 (1) # set user test1

    ADC-6 (1) # set password password

    ADC-6 (1) # set interval-root 30

    ADC-6 (1) # set interval-other 30

    ADC-6 (1) # set monitor-depth 1

    ADC-6 (1) # set skip-max-size 2

    ADC-6 (1) # set skip-file-type "extension"

    ADC-6 (1) # set auto restore

    ADC-6 (1) # end

    ADC-6 (1) # get

    description : profile

    monitor : enable

    host : 1.1.1.1

    connect-type : ftp

    port : 1

    folder : folder

    username : test1

    password : *

    interval-root : 30

    interval-other : 30

    monitor-depth : 1

    skip-max-size : 2

    skip-file-type : extension

    auto : restore

    Previous
    Next

    config security wad profile

    config security wad profile

    Use this command to configure a security wad profile.

    Syntax

    config security wad profile

    edit <name>

    set description “anti-defacement profile” // default is blank

    set monitor [ enable | disable ] // default is disable

    *set host <ip-addr or hostname>

    *set connect-type [ ftp | ssh ]

    *set port <port-num>

    *set folder <folder-path>

    set user <user-name>

    set password <passwd> // should not show

    set interval-root <num> // unit is seconds

    set interval-other <num> // unit is seconds

    set monitor-depth <num>

    set skip-max-size <num> // unit is KB

    set skip-file-type <extension-name>

    set auto [ restore | acknowledge | disable ] // default disable

    end

    end

    config system alert-policy

    edit <policy-name>

    config alert-member

    edit <member-name>

    set SEC_Web_Page_Defacement_Detected // add new built-in alert-member

    end

    end

    config system alert

    edit <alert-name>

    set alert-source-type event

    set event SEC_Bot_Detected // add new event type

    set comments "Web page defacement is detected on virtual server"

    end

    description Description of WAD profile, default is blank.
    monitor Enable or disable defacement monitoring, default is disable.
    host The website's IPv4 address or hostname for connecting and monitoring.
    connect-type Connect type to host
    port Host port number
    folder Root directory path to perform monitoring
    user Username to connect to the host.
    password Password to connect to the host; shouldn't show.

    interval-root

    Monitor interval for files in root directory, unit is seconds.

    interval-other

    Monitor interval for files in subdirectories under root directory; unit is seconds.

    monitor-depth

    Maximum directory hierarchy depth that can be monitored.

    skip-max-size

    Skip monitoring files that have a size larger than the maximum number; unit is KB.

    skip-file-type

    Skip monitoring files that have the specified extension name.

    auto

    Restore—Automatically restore to the original content once defacement is found.

    Acknowledge—Automatically confirm the defacement and consider it as new original content

    Disable—Do not perform any automatic action. Default.

    Example

    ADC-6 # config security wad profile

    ADC-6 (profile) # edit 1

    ADC-6 (1) #

    ADC-6 (1) # set description "profile"

    ADC-6 (1) # set monitor enable

    ADC-6 (1) # set host 1.1.1.1

    ADC-6 (1) # set connect-type ftp

    ADC-6 (1) # set port 1

    ADC-6 (1) # set folder "folder"

    ADC-6 (1) # set user test1

    ADC-6 (1) # set password password

    ADC-6 (1) # set interval-root 30

    ADC-6 (1) # set interval-other 30

    ADC-6 (1) # set monitor-depth 1

    ADC-6 (1) # set skip-max-size 2

    ADC-6 (1) # set skip-file-type "extension"

    ADC-6 (1) # set auto restore

    ADC-6 (1) # end

    ADC-6 (1) # get

    description : profile

    monitor : enable

    host : 1.1.1.1

    connect-type : ftp

    port : 1

    folder : folder

    username : test1

    password : *

    interval-root : 30

    interval-other : 30

    monitor-depth : 1

    skip-max-size : 2

    skip-file-type : extension

    auto : restore

    Previous
    Next