Fortinet Document Library

Version:


Table of Contents

User Guide

Download PDF
Copy Link

Settings

Advanced Configuration

Once this option is enabled, you are allowed to configure the following:

  • On each WAF module page, you can configure appropriate actions if the traffic violates WAF rules, such as Period Block, Alert, Alert & Deny.
  • Templates page will appear under Global tab for you to push a collection of WAF settings across multiple applications.

Audit Logs Export

Enable to export system-level events such as user login and server creation to specified log servers.

Notification Emails

FortiWeb Cloud sends notifications to your email about the information related with subscription, new features in each release, system maintenance, certificate expiration and more.

Enable Notification Emails in Global > Settings to send notification emails to your registered email address.

API Key

FortiWeb Cloud RESTful API requires API key authorization. You can generate the API key from the GUI directly. Please note that API key creation does not restrict only to users with write permission. Read-only users can also create API key.

  1. Go to Global > Settings .
  2. Locate API Key.
  3. Click Create.
    An API key ID and an API key secret are generated. Click the View icon to get the hidden key secret and use it for invoking APIs. You have got only one chance to view the key. The key will not be stored at the back-end server.
  4. In the API Key table, you can view the API key ID, the time when the key was created and last used, the active and inactive status.

    You can inactivate the API key in case of any key security problem, and revoke it later.

    Only one API key can be created for an account. You can delete an API key before you create a new one.

    When using this API key, just put it in the HTTP authentication header as below:
    authentication: Basic <api-key-secret>

Origin Server Lock

Lock your origin server's IP address to ensure it can only be used by your account. The Origin Server Lock prevents other accounts on FortiWeb Cloud from setting up an application targeting malicious traffic at your origin server.

The Origin Server Lock setup is only configurable through the cloud provider. Please contact the cloud provider to lock your origin server's IP address.

Settings

Advanced Configuration

Once this option is enabled, you are allowed to configure the following:

  • On each WAF module page, you can configure appropriate actions if the traffic violates WAF rules, such as Period Block, Alert, Alert & Deny.
  • Templates page will appear under Global tab for you to push a collection of WAF settings across multiple applications.

Audit Logs Export

Enable to export system-level events such as user login and server creation to specified log servers.

Notification Emails

FortiWeb Cloud sends notifications to your email about the information related with subscription, new features in each release, system maintenance, certificate expiration and more.

Enable Notification Emails in Global > Settings to send notification emails to your registered email address.

API Key

FortiWeb Cloud RESTful API requires API key authorization. You can generate the API key from the GUI directly. Please note that API key creation does not restrict only to users with write permission. Read-only users can also create API key.

  1. Go to Global > Settings .
  2. Locate API Key.
  3. Click Create.
    An API key ID and an API key secret are generated. Click the View icon to get the hidden key secret and use it for invoking APIs. You have got only one chance to view the key. The key will not be stored at the back-end server.
  4. In the API Key table, you can view the API key ID, the time when the key was created and last used, the active and inactive status.

    You can inactivate the API key in case of any key security problem, and revoke it later.

    Only one API key can be created for an account. You can delete an API key before you create a new one.

    When using this API key, just put it in the HTTP authentication header as below:
    authentication: Basic <api-key-secret>

Origin Server Lock

Lock your origin server's IP address to ensure it can only be used by your account. The Origin Server Lock prevents other accounts on FortiWeb Cloud from setting up an application targeting malicious traffic at your origin server.

The Origin Server Lock setup is only configurable through the cloud provider. Please contact the cloud provider to lock your origin server's IP address.