File Protection
You can configure FortiWeb Cloud to perform the following tasks.
- Restrict file uploads based upon file type and size.
- Scan uploaded files for viruses and Trojans.
- Submit uploaded files for evaluation and generate attack log messages for files that FortiWeb Cloud has identified as threats.
- Go to SECURITY RULES > File Protection.
You must have already enabled this module in Add Modules. See How to add or remove a module. - Configure these settings.
Trojans/Backdoor
Attackers may attempt to upload Trojan horse code (written in scripting languages such as PHP and ASP) to the back-end web servers. The Trojan then infects clients who access an infected web page.
Enable to detect Trojans in the uploaded files.
Antivirus Scan
Enable to scan for viruses, malware, and greyware.
Advanced Threat Protection
Enable to send matching files to
FortiSandbox for evaluation.Sandbox file evaluation is performed in the same region where the FortiWeb Cloud cluster is located. This ensures compliance with various data regulations such as GDPR.
This option works only when your application is hosted on AWS or Azure.
File Size Limit
Define the maximum allowed size for the file to upload.
File Type Validation
Define the allowed and blocked file types.
Select file types by clicking Change button, and then select to allow or block such files with Allow and Block buttons.
Note: The ".zip" file compressed from the compression software (not the command line) that comes with the MacOS and Linux GUI operating systems has the same binary code with the ".jar" file. As a result, blocking the ".jar" file may incorrectly block the ".zip" file.
To solve this problem, either warn your users not to use the compression methods mentioned above, or do not block the Java Archive(.jar) type.
Target URL
Define the target URL that accepts the uploads.
- Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
To configure the actions, you must first enable the Advanced Configuration in Global > System Settings > Settings.Alert
Accept the request and generate a log message.
Alert & Deny
Block the request (or reset the connection) and generate a log message.
Deny(no log)
Block the request (or reset the connection) but do not generate log messages.
- Click SAVE.