Document
Library

User Guide

Overview
What's new
Subscribing to FortiWeb Cloud
- Subscribing on AWS Marketplace
- Subscribing on Azure Marketplace
- Subscribing on Google Cloud Marketplace
- Subscribing on OCI Marketplace
- Purchasing contracts
- Two-Factor Authentication
- FortiFlex
FortiCloud Organizational Units
Getting started
- Onboarding applications
- Example: Changing DNS records on AWS Route 53
- Changing IP addresses of origin servers
- Restricting direct traffic & allowing FortiWeb Cloud IP addresses
- How does FortiWeb Cloud choose regions?
- CDN
- Understanding block mode and action
Global settings
- Application management
- Templates
- Audit logs
- Admin management
  - Migrating to IAM user
- Role management
- Contracts
- Cloud Connectors
- Custom block pages
- Settings
- Reports
Threat Analytics
- Threat Analytics
- Attack logs
- WAF Gateway
Log Settings
Configuring network
- Origin Servers
Endpoints
- Supported cipher suites & protocol versions
WAF modules
- How to add or remove a module
- Security Rules
- Client Security
- Access Rules
- Bot Mitigation
- DDoS prevention
- Advanced Applications
  - Custom Rule
  - WebSocket Security
- API Protection
- Application Delivery
- Global Trustlist
Vulnerability Scan
FortiView
Using FortiWeb Cloud with DevOps tools
- Configuring FortiWeb Cloud with Terraform
- Configuring FortiWeb Cloud with Ansible
- Configuring FortiWeb Cloud with Jenkins
Use cases
- Using FortiWeb Cloud behind a Content Distribution Service
- Network settings for applications serving different content over HTTP and HTTPS
- FortiWeb Cloud and Splunk
- Fortinet Security Fabric
- Managing External IdP roles in FortiCloud IAM
- Frequently used regular expressions
Best practices
- Using Dashboard to monitor important notices
- Utilizing FortiView to reduce false positives
- Setting up a secure environment
- How to block the ongoing DDoS attack
Sequence of scans
Supported cipher suites & protocol versions
Maximum configuration values
FAQs
- Onboarding applications
- Network
- Security
- Logs
- Subscriptions and Contracts
- Accounts
- Miscellaneous
Contacting customer service

Home FortiWeb Cloud User Guide

Global Trustlist

Copy Link

Copy Doc ID 2ffc9903-bcb4-11e9-8977-00505692583a:405190

Download PDF

Global Trustlist

You can configure FortiWeb Cloud to ignore scanning parameters specified for modules of signature based detection, syntax based detection, and anomaly detection across the entire application.

Go to SECURITY RULES > Global Trustlist.
You must have already enabled this module in Add Modules. See How to add or remove a module.
Click Create New.

Configure these settings.

Parameter Name

Enter a unique name for the parameter as it appears in the URL or HTTP body.

Request Status

Optionally, you can enable to indicate a regular expression designed to match multiple URLs, which carry the trustlist parameters.

Request URL

Specify a URL value to match, such as ^/*.php, which matches requests for http://www.test.com/^/*.php. The pattern does not require a slash ( / ); however, it must at match URLs that begin with a slash, such as /index.cfm.

See Frequently used regular expressions.

Do not include a domain name because it's by default the domain name of this application.

Click OK.
In the global trustlist table, you can click buttons in to edit, or delete the parameter rule; also, you can choose to enable or disable to indicate the URL to match.

Previous

Next

Global Trustlist

You can configure FortiWeb Cloud to ignore scanning parameters specified for modules of signature based detection, syntax based detection, and anomaly detection across the entire application.

Go to SECURITY RULES > Global Trustlist.
You must have already enabled this module in Add Modules. See How to add or remove a module.
Click Create New.

Configure these settings.

Parameter Name

Enter a unique name for the parameter as it appears in the URL or HTTP body.

Request Status

Optionally, you can enable to indicate a regular expression designed to match multiple URLs, which carry the trustlist parameters.

Request URL

Specify a URL value to match, such as ^/*.php, which matches requests for http://www.test.com/^/*.php. The pattern does not require a slash ( / ); however, it must at match URLs that begin with a slash, such as /index.cfm.

See Frequently used regular expressions.

Do not include a domain name because it's by default the domain name of this application.

Click OK.
In the global trustlist table, you can click buttons in to edit, or delete the parameter rule; also, you can choose to enable or disable to indicate the URL to match.

Previous

Next