
User Guide

File Protection


You can configure FortiAppSec Cloud to perform the following tasks.

  • Restrict file uploads based upon file type and size.
  • Scan uploaded files for viruses and Trojans.
  • Submit uploaded files for evaluation and generate attack log messages for files that FortiAppSec Cloud has identified as threats.

  1. Go to Security Rules > File Protection.
    You must have already enabled this module in Add Modules. See Add and Remove Modules.
  2. Configure these settings.

    Trojans/Backdoor

    Attackers may attempt to upload Trojan horse code (written in scripting languages such as PHP and ASP) to the back-end web servers. The Trojan then infects clients who access an infected web page.

    Enable to detect Trojans in the uploaded files.

    Antivirus Scan

    Enable to scan for viruses, malware, and greyware. Please note that due to caching limits, this feature can only process files smaller than 5 MB.

    Advanced Threat Protection

    Enable to send matching files to FortiSandbox Sandbox for evaluation.

    Sandbox file evaluation is performed in the same region where the FortiAppSec Cloud cluster is located. This ensures compliance with various data regulations such as GDPR.

    This option works only when your application is hosted on AWS or Azure.

    File Size Limit

    Define the maximum allowed size for the file to upload.

    File Type Validation

    Define the allowed and blocked file types.

    Click the Change button to select file types, and then use the Allow and Block buttons to allow or block those files.

    Note: A ".zip" file created with the GUI compression software (not the command line) that comes with macOS and Linux desktop operating systems has the same binary code as a ".jar" file. As a result, blocking the ".jar" file type may incorrectly block such ".zip" files.

    To solve this problem, either warn your users not to use the compression methods mentioned above, or do not block the Java Archive (.jar) type.

    Target URL

    Define the target URL that accepts the uploads.

    JSON File Support

    Enable if you want to further parse the information contained in uploaded JSON files.

    File Name JSON Key Field: Locate the value of the filename parameter, and compare it against the value you entered in this field. This is optional.

    File Upload JSON Key Field: Locate the value of the content parameter, and compare it against the value you set in this field.

  3. From the top right corner, select the action that FortiAppSec Cloud takes when it detects a violation of the rule.

    Alert

    Accept the request and generate a log message.

    Alert & Deny

    Block the request (or reset the connection) and generate a log message.

    Deny (no log)

    Block the request (or reset the connection) but do not generate log messages.

  4. Click SAVE.
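
The ".zip"/".jar" overlap noted under File Type Validation has a general cause: a JAR is itself a ZIP container, so both start with the same signature bytes, whichever tool produced them. The following is an added example, not Fortinet code and not a description of how FortiAppSec Cloud classifies files; it sketches a check a back-end application could run on accepted uploads to tell the two apart by archive contents, and the function names and sample archives are constructed for illustration.

```python
import io
import zipfile

ZIP_LOCAL_HEADER = b"PK\x03\x04"        # signature of the first local file header
JAR_MANIFEST = "META-INF/MANIFEST.MF"   # manifest member found in a JAR


def build_archive(members):
    """Build a ZIP container in memory from {name: bytes} (constructed sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


def signature_type(data):
    """What a check on the leading bytes alone can say about an upload."""
    return "zip-container" if data.startswith(ZIP_LOCAL_HEADER) else "unknown"


def classify_upload(data):
    """Refine a ZIP-container hit by inspecting the archive's member names."""
    if signature_type(data) != "zip-container":
        return "unknown"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return "corrupt-zip"            # right signature, unreadable directory
    if JAR_MANIFEST in names:
        return "jar"
    if any(n.endswith(".class") for n in names):
        return "zip-with-java-classes"  # no manifest, but carries bytecode
    return "zip"


# Constructed samples: an ordinary document bundle and a minimal JAR layout.
plain_zip = build_archive({"report.txt": b"quarterly numbers\n"})
jar_like = build_archive({
    JAR_MANIFEST: b"Manifest-Version: 1.0\r\n\r\n",
    "com/example/App.class": b"\xca\xfe\xba\xbe",
})

if __name__ == "__main__":
    for label, blob in (("plain_zip", plain_zip), ("jar_like", jar_like)):
        print(label, blob[:4], signature_type(blob), classify_upload(blob))
```

Running this kind of check at the application lets the ".jar" type stay allowed at the File Protection rule, as the note recommends, while the back end still rejects archives that carry Java content.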
