DOCUMENT LIBRARY

CLI Reference

Using the CLI
config
execute
- backup
- backup-restore
- blocklist
- certificate
- checklogdisk
- checkmaildisk
- cleanqueue
- create
- date
- db
- dlp
- endpoint
- erase-filesystem
- factoryreset
- factoryreset config
- factoryreset config2
- factoryreset disk
- factoryreset keeplicense
- factoryreset shutdown
- factoryreset2
- factoryreset2 keeplicense
- fips
- formatlogdisk
- formatmaildisk
- formatmaildisk-backup
- forticloud
- ha commands
- ibe data
- ibe user
- license
- lvm
- maintain
- nslookup
- partitionlogdisk
- ping
- ping-option
- ping6
- ping6-option
- raid
- reboot
- reload
- restore as
- restore av
- restore config
- restore image
- restore mail-queues
- safelist
- sched-backup
- shutdown
- smtptest
- ssh
- storage
- telnettest
- traceroute
- update
- user-config
- vm
get
- system performance
- system status
show & show full-configuration
Change log

Home FortiMail 7.4.1 CLI Reference

7.4.1

system fortiguard url-protection

system fortiguard url-protection

Use this command to configure content disarm and reconstruction (CDR) URL click protection options.

Syntax

config system fortiguard url-protection

set click-action {allow-with-confirmation | block}

set click-category {all | default | phishing | unrated}

set isolator-category {all | default | phishing | unrated}

set isolator-url-base <string>

set malformed-html-tag-content-action {remove | rewrite}

set neutralize-category {all | default | phishing | unrated}

set remove-category {all | default | phishing | unrated}

set rewrite-category {all | default | phishing | unrated}

set rewrite-url-base <string>

set sandbox-click-action {allow-with-confirmation | block | submit-only}

set sandbox-status {enable | disable}

set sandbox-timeout <integer>

set sandbox-timeout-action {allow | allow-with-confirmation | block}

end

Variable	Description	Default
click-action {allow-with-confirmation \| block}	Set the FortiSandbox scan action for the click handling category.	block
click-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to authorize URLs on click.	default
isolator-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to identify URLs to be rewritten by FortiIsolator.	unrated
isolator-url-base <string>	Define the rewrite URL base. Enter the prefix `https://` followed by the FortiIsolator FQDN or IP address.
malformed-html-tag-content-action {remove \| rewrite}	Set the malformed HTML tag content action: remove or rewrite URLs that are not exempted.	remove
neutralize-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to identify URLs to neutralize.	unrated
remove-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to identify URLs to remove.	default
rewrite-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to identify URLs to rewrite.	unrated
rewrite-url-base <string>	Define the rewrite URL base. Enter the prefix `https://` followed by the FortiMail FQDN or IP address.
sandbox-click-action {allow-with-confirmation \| block \| submit-only}	Set the FortiSandbox click action: `allow-with-confirmation`: Allow access with a warning. `block`: Block access. `submit-only`: Allows access while sending the URLs for scanning.	allow-with-confirmation
sandbox-status {enable \| disable}	Enable or disable FortiSandbox scanning.	disable
sandbox-timeout <integer>	Specify how long (in seconds) you want to wait for FortiSandbox scan results before you take block, allow, or allow with confirmation actions.	5
sandbox-timeout-action {allow \| allow-with-confirmation \| block}	Set the FortiSandbox timeout action. When URLs are sent to FortiSandbox for scanning, it may take a while to get the results back. It's recommended to specify how long you want to wait for the results (see sandbox-timeout <integer>) before an action is taken.	allow

Previous

Next

system fortiguard url-protection

system fortiguard url-protection

Use this command to configure content disarm and reconstruction (CDR) URL click protection options.

Syntax

config system fortiguard url-protection

set click-action {allow-with-confirmation | block}

set click-category {all | default | phishing | unrated}

set isolator-category {all | default | phishing | unrated}

set isolator-url-base <string>

set malformed-html-tag-content-action {remove | rewrite}

set neutralize-category {all | default | phishing | unrated}

set remove-category {all | default | phishing | unrated}

set rewrite-category {all | default | phishing | unrated}

set rewrite-url-base <string>

set sandbox-click-action {allow-with-confirmation | block | submit-only}

set sandbox-status {enable | disable}

set sandbox-timeout <integer>

set sandbox-timeout-action {allow | allow-with-confirmation | block}

end

Variable	Description	Default
click-action {allow-with-confirmation \| block}	Set the FortiSandbox scan action for the click handling category.	block
click-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to authorize URLs on click.	default
isolator-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to identify URLs to be rewritten by FortiIsolator.	unrated
isolator-url-base <string>	Define the rewrite URL base. Enter the prefix `https://` followed by the FortiIsolator FQDN or IP address.
malformed-html-tag-content-action {remove \| rewrite}	Set the malformed HTML tag content action: remove or rewrite URLs that are not exempted.	remove
neutralize-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to identify URLs to neutralize.	unrated
remove-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to identify URLs to remove.	default
rewrite-category {all \| default \| phishing \| unrated}	Set the URL filter category profile used to identify URLs to rewrite.	unrated
rewrite-url-base <string>	Define the rewrite URL base. Enter the prefix `https://` followed by the FortiMail FQDN or IP address.
sandbox-click-action {allow-with-confirmation \| block \| submit-only}	Set the FortiSandbox click action: `allow-with-confirmation`: Allow access with a warning. `block`: Block access. `submit-only`: Allows access while sending the URLs for scanning.	allow-with-confirmation
sandbox-status {enable \| disable}	Enable or disable FortiSandbox scanning.	disable
sandbox-timeout <integer>	Specify how long (in seconds) you want to wait for FortiSandbox scan results before you take block, allow, or allow with confirmation actions.	5
sandbox-timeout-action {allow \| allow-with-confirmation \| block}	Set the FortiSandbox timeout action. When URLs are sent to FortiSandbox for scanning, it may take a while to get the results back. It's recommended to specify how long you want to wait for the results (see sandbox-timeout <integer>) before an action is taken.	allow

Previous

Next