User Guide

File Protection

You can configure FortiWeb Cloud to perform the following tasks.

  • Restrict file uploads based upon file type and size.
  • Scan uploaded files for viruses and Trojans.
  • Submit uploaded files for evaluation and generate attack log messages for files that FortiWeb Cloud has identified as threats.

  1. Go to SECURITY RULES > File Protection.
    You must have already enabled this module in Add Modules. See How to add or remove a module.
  2. Configure these settings.

    Trojans/Backdoor

    Attackers may attempt to upload Trojan horse code (written in scripting languages such as PHP and ASP) to the back-end web servers. The Trojan then infects clients who access an infected web page.

    Enable to detect Trojans in the uploaded files.

    Antivirus Scan

    Enable to scan for viruses, malware, and greyware.

    Advanced Threat Protection

    Enable to send matching files to FortiSandbox for evaluation.

    Sandbox file evaluation is performed in the same region where the FortiWeb Cloud cluster is located. This ensures compliance with various data regulations such as GDPR.

    This option works only when your application is hosted on AWS or Azure.

    File Size Limit

    Define the maximum allowed size for the file to upload.

    File Type Validation

    Define the allowed and blocked file types.

    Click the Change button to select file types, and then use the Allow and Block buttons to allow or block those types.

    Note: A ".zip" file created with the compression software (not the command line) that comes with the macOS and Linux GUI operating systems has the same binary code as a ".jar" file. As a result, blocking the ".jar" file type may incorrectly block such ".zip" files.

    To solve this problem, either warn your users not to use the compression methods mentioned above, or do not block the Java Archive (.jar) type.

    Target URL

    Define the target URL that accepts the uploads.

  3. In the top right corner, select the action that FortiWeb Cloud takes when it detects a violation of the rule.
    To configure the actions, you must first enable the Advanced Configuration in Global > System Settings > Settings.

    Alert

    Accept the request and generate a log message.

    Alert & Deny

    Block the request (or reset the connection) and generate a log message.

    Deny(no log)

    Block the request (or reset the connection) but do not generate log messages.

  4. Click SAVE.
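
The note under File Type Validation follows from the fact that a .jar file is a ZIP container, so both types begin with the same signature bytes. The Python sketch below is an added example, not FortiWeb Cloud's detection logic: it shows an application-side upload check that enforces a size limit and separates .jar from .zip by looking inside the container. The 1 MiB limit, the function names, and the sample archives are assumptions constructed for illustration.

```python
import io
import zipfile

ZIP_MAGIC = b"PK\x03\x04"        # local file header signature shared by .zip and .jar
MAX_UPLOAD_BYTES = 1024 * 1024   # assumed 1 MiB limit for this example


def build_archive(entries):
    """Build an in-memory ZIP container from {name: bytes} (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def classify_upload(data, blocked=frozenset({"jar"}), max_bytes=MAX_UPLOAD_BYTES):
    """Return (verdict, detected_type) for an uploaded request body."""
    if len(data) > max_bytes:
        return "deny", "oversize"
    if not data.startswith(ZIP_MAGIC):
        # Non-ZIP types are out of scope here; a real policy needs its own allow list.
        return "allow", "other"
    # The signature alone cannot separate .zip from .jar, so inspect the entries.
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = {name.upper() for name in zf.namelist()}
    except zipfile.BadZipFile:
        return "deny", "corrupt-zip"
    # Heuristic: build tools normally write a manifest into a JAR, but the
    # manifest is optional and an ordinary ZIP may also carry this path.
    kind = "jar" if "META-INF/MANIFEST.MF" in names else "zip"
    return ("deny" if kind in blocked else "allow"), kind


if __name__ == "__main__":
    plain_zip = build_archive({"report.txt": b"quarterly numbers"})
    jar_like = build_archive({
        "META-INF/MANIFEST.MF": b"Manifest-Version: 1.0\r\n",
        "Main.class": b"\xca\xfe\xba\xbe",
    })
    print(plain_zip[:4] == jar_like[:4])   # identical signature bytes
    print(classify_upload(plain_zip))
    print(classify_upload(jar_like))
```

Because the manifest check is only a heuristic, treat it as a complement to the WAF rule rather than a replacement for it.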
