Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home FortiWeb Cloud User Guide

    WebSocket Security

    WebSocket Security

    WebSocket Protocol is a TCP-based network protocol, which enables full-duplex communication between a web browser and a server.

    FortiWeb Cloud now secures WebSocket traffic with a variety of security controls such as allowed formats, frame and message size and signature detection.

    You can create WebSocket security rules to detect traffic that uses the WebSocket TCP-based protocol.

    To create a WebSocket security rule

    1. Go to ADVANCED APPLICATIONS > XML Protection.
      You must have already enabled this module in Add Modules. See How to add or remove a module.
    2. Click +Add WebSocket Security Rule.
    3. Configure these settings.

      Name

      Type a name that can be referenced by other parts of the configuration.

      Request URL

      Enter the literal URL, such as /index.php, that the HTTP request must contain in order to match the rule.

      Allow WebSocket

      Enable to detect the WebSocket traffic, and FortiWeb Cloud will check any WebSocket related traffic.

      The following fields can be configured only when this option is enabled.

      Allow Formats

      When the WebSocket connection is established , data is transmitted in the form of frame. Select the allowed frame formats that are acceptable matches. By default, both Plain Text and Binary are checked.

      Max Frame Size

      Specify the maximum acceptable frame header and body size in bytes. The valid range is 0–2147483647 bytes.

      Max Message Size

      Specify the maximum acceptable message header and body size in bytes. The valid range is 0–2147483647 bytes.

      Block Extensions

      Enable to not check the extension header in WebSocket handshake packet. By default, this option is disabled.

      Block Known Attacks

      Enable to protect against known attacks, common vulnerabilities and exposures (CVEs), and other exploits as part of the OWASP Top 10.

    4. Enter the allowed origin.
      For example, 121.40.165.18:8800. Only traffic from the allowed origins can be accepted. You can add multiple origins here.
    5. Click OK.
      You can create at most 12 WebSocket security rules for an application.

    To configure actions

    1. Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
      To configure the actions, you must first enable the Advanced Configuration in Global > System Settings > Settings.

      Alert

      Accept the request and generate an alert email and/or log message.

      Alert & Deny

      Block the request (or reset the connection) and generate an alert email and/or log message.

      Deny(no log)

      Block the request (or reset the connection).

    2. Click SAVE.
    Previous
    Next

    WebSocket Security

    WebSocket Security

    WebSocket Protocol is a TCP-based network protocol, which enables full-duplex communication between a web browser and a server.

    FortiWeb Cloud now secures WebSocket traffic with a variety of security controls such as allowed formats, frame and message size and signature detection.

    You can create WebSocket security rules to detect traffic that uses the WebSocket TCP-based protocol.

    To create a WebSocket security rule

    1. Go to ADVANCED APPLICATIONS > XML Protection.
      You must have already enabled this module in Add Modules. See How to add or remove a module.
    2. Click +Add WebSocket Security Rule.
    3. Configure these settings.

      Name

      Type a name that can be referenced by other parts of the configuration.

      Request URL

      Enter the literal URL, such as /index.php, that the HTTP request must contain in order to match the rule.

      Allow WebSocket

      Enable to detect the WebSocket traffic, and FortiWeb Cloud will check any WebSocket related traffic.

      The following fields can be configured only when this option is enabled.

      Allow Formats

      When the WebSocket connection is established , data is transmitted in the form of frame. Select the allowed frame formats that are acceptable matches. By default, both Plain Text and Binary are checked.

      Max Frame Size

      Specify the maximum acceptable frame header and body size in bytes. The valid range is 0–2147483647 bytes.

      Max Message Size

      Specify the maximum acceptable message header and body size in bytes. The valid range is 0–2147483647 bytes.

      Block Extensions

      Enable to not check the extension header in WebSocket handshake packet. By default, this option is disabled.

      Block Known Attacks

      Enable to protect against known attacks, common vulnerabilities and exposures (CVEs), and other exploits as part of the OWASP Top 10.

    4. Enter the allowed origin.
      For example, 121.40.165.18:8800. Only traffic from the allowed origins can be accepted. You can add multiple origins here.
    5. Click OK.
      You can create at most 12 WebSocket security rules for an application.

    To configure actions

    1. Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
      To configure the actions, you must first enable the Advanced Configuration in Global > System Settings > Settings.

      Alert

      Accept the request and generate an alert email and/or log message.

      Alert & Deny

      Block the request (or reset the connection) and generate an alert email and/or log message.

      Deny(no log)

      Block the request (or reset the connection).

    2. Click SAVE.
    Previous
    Next