Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Handbook

    Home FortiADC 7.2.4 Handbook
    7.2.4
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.1
    6.0.0
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.1
    5.3.0
    5.2.7

    Configuring WAF Action objects

    Configuring WAF Action objects

    Configure what action FortiADC should take when it meets the WAF conditions.

    After you have created an action object, you can specify it in individual WAF feature rules.

    Before you begin:

    • You must have Read-Write permission for Security settings.

    In many cases, you can use predefined profiles to get started.

    Predefined actions

    Description

    alert

    WAF policies will allow the traffic to pass and log the event.

    block

    WAF policies will drop the current attack session by HTTP 403 message and block the attacker (according the attacker’s IP address) for 1 hour, and log the event.

    captcha

    WAF policies will allow the traffic to pass if the client successfully fulfills the CAPTCHA request, and log the event.

    deny

    WAF policies will the drop current attack session by HTTP 403 message, and log the event.

    silent-deny

    WAF policies will drop the current attack session by HTTP 403 message, without logging the event.
    To configure a WAF Action object:

    1. Go to Web Application Firewall > WAF Profile.

    2. Click the Action tab.

    3. Click Create New to display the configuration editor.

    4. Complete the configuration of WAF Action objects.

    5. Save the configuration.

    Settings Guidelines
    Name

    Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

    After you initially save the configuration, you cannot edit the name.
    Action Type

    Select which action FortiADC takes when the conditions are fulfilled for WAF:

    • Pass — Allow the request.

    • Deny — Block the request.

    • Period Block — Deny all the HTTP requests from a source IP within a period which specified by Period Block.

    • Redirect — Send a redirect. You must specify the redirect URL.

    • Captcha — Requires the client to successfully fulfill the CAPTCHA request.
    Deny Code

    The Deny Code option is available if the Action Type is Deny or Period Block.

    Select the HTTP response code, Default: 403.

    200, 202, 204, 205, 400, 403, 404, 405, 406, 408, 410, 500, 501, 502, 503, 504
    Period Block

    The Period Block option is available if the Action Type is Period Block.

    Specify a time period when action blocks the client. Default: 60 seconds, Range: 1- 3600 seconds.
    Redirect URL

    The Redirect URL option is available if the Action Type is Redirect.

    Specify the URL that you want to redirect.
    Log Status Enable/Disable log of events
    Comment Enter comment or description of the action for your records.
    Previous
    Next

    Configuring WAF Action objects

    Configuring WAF Action objects

    Configure what action FortiADC should take when it meets the WAF conditions.

    After you have created an action object, you can specify it in individual WAF feature rules.

    Before you begin:

    • You must have Read-Write permission for Security settings.

    In many cases, you can use predefined profiles to get started.

    Predefined actions

    Description

    alert

    WAF policies will allow the traffic to pass and log the event.

    block

    WAF policies will drop the current attack session by HTTP 403 message and block the attacker (according the attacker’s IP address) for 1 hour, and log the event.

    captcha

    WAF policies will allow the traffic to pass if the client successfully fulfills the CAPTCHA request, and log the event.

    deny

    WAF policies will the drop current attack session by HTTP 403 message, and log the event.

    silent-deny

    WAF policies will drop the current attack session by HTTP 403 message, without logging the event.
    To configure a WAF Action object:

    1. Go to Web Application Firewall > WAF Profile.

    2. Click the Action tab.

    3. Click Create New to display the configuration editor.

    4. Complete the configuration of WAF Action objects.

    5. Save the configuration.

    Settings Guidelines
    Name

    Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

    After you initially save the configuration, you cannot edit the name.
    Action Type

    Select which action FortiADC takes when the conditions are fulfilled for WAF:

    • Pass — Allow the request.

    • Deny — Block the request.

    • Period Block — Deny all the HTTP requests from a source IP within a period which specified by Period Block.

    • Redirect — Send a redirect. You must specify the redirect URL.

    • Captcha — Requires the client to successfully fulfill the CAPTCHA request.
    Deny Code

    The Deny Code option is available if the Action Type is Deny or Period Block.

    Select the HTTP response code, Default: 403.

    200, 202, 204, 205, 400, 403, 404, 405, 406, 408, 410, 500, 501, 502, 503, 504
    Period Block

    The Period Block option is available if the Action Type is Period Block.

    Specify a time period when action blocks the client. Default: 60 seconds, Range: 1- 3600 seconds.
    Redirect URL

    The Redirect URL option is available if the Action Type is Redirect.

    Specify the URL that you want to redirect.
    Log Status Enable/Disable log of events
    Comment Enter comment or description of the action for your records.
    Previous
    Next