Fortinet Document Library

Version:


Table of Contents

User Guide

Download PDF
Copy Link

File Protection

You can configure FortiWeb Cloud to perform the following tasks.

  • Restrict file uploads based upon file type and size.
  • Scan uploaded files for viruses and Trojans.
  • Submit uploaded files for evaluation and generate attack log messages for files that FortiWeb Cloud has identified as threats.
  1. Go to SECURITY RULES > File Protection.
    You must have already enabled this module in Add Modules. See How to add or remove a module.
  2. Configure these settings.

    Trojans/Backdoor

    Attackers may attempt to upload Trojan horse code (written in scripting languages such as PHP and ASP) to the back-end web servers. The Trojan then infects clients who access an infected web page.

    Enable to detect Trojans in the uploaded files.

    Antivirus Scan

    Enable to scan for viruses, malware, and greyware.

    Advanced Threat Protection

    Enable to send matching files to FortiSandbox for evaluation.

    File Size Limit

    Define the maximum allowed size for the file to upload.

    File Type Validation

    Define the allowed and blocked file types.

    Select file types by clicking Change button, and then select to allow or block such files with Allow and Block buttons.

    Note: The ".zip" file compressed from the compression software (not the command line) that comes with the MacOS and Linux GUI operating systems has the same binary code with the ".jar" file. As a result, blocking the ".jar" file may incorrectly block the ".zip" file.

    To solve this problem, either warn your users not to use the compression methods mentioned above, or do not block the Java Archive(.jar) type.

    Target URL

    Define the target URL that accepts the uploads.

  3. Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
    To configure the actions, you must first enable the Advanced Configuration in Global > Settings.

    Alert

    Accept the request and generate a log message.

    Alert & Deny

    Block the request (or reset the connection) and generate a log message.

    Deny(no log)

    Block the request (or reset the connection) but do not generate log messages.

  4. Click SAVE.

File Protection

You can configure FortiWeb Cloud to perform the following tasks.

  • Restrict file uploads based upon file type and size.
  • Scan uploaded files for viruses and Trojans.
  • Submit uploaded files for evaluation and generate attack log messages for files that FortiWeb Cloud has identified as threats.
  1. Go to SECURITY RULES > File Protection.
    You must have already enabled this module in Add Modules. See How to add or remove a module.
  2. Configure these settings.

    Trojans/Backdoor

    Attackers may attempt to upload Trojan horse code (written in scripting languages such as PHP and ASP) to the back-end web servers. The Trojan then infects clients who access an infected web page.

    Enable to detect Trojans in the uploaded files.

    Antivirus Scan

    Enable to scan for viruses, malware, and greyware.

    Advanced Threat Protection

    Enable to send matching files to FortiSandbox for evaluation.

    File Size Limit

    Define the maximum allowed size for the file to upload.

    File Type Validation

    Define the allowed and blocked file types.

    Select file types by clicking Change button, and then select to allow or block such files with Allow and Block buttons.

    Note: The ".zip" file compressed from the compression software (not the command line) that comes with the MacOS and Linux GUI operating systems has the same binary code with the ".jar" file. As a result, blocking the ".jar" file may incorrectly block the ".zip" file.

    To solve this problem, either warn your users not to use the compression methods mentioned above, or do not block the Java Archive(.jar) type.

    Target URL

    Define the target URL that accepts the uploads.

  3. Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
    To configure the actions, you must first enable the Advanced Configuration in Global > Settings.

    Alert

    Accept the request and generate a log message.

    Alert & Deny

    Block the request (or reset the connection) and generate a log message.

    Deny(no log)

    Block the request (or reset the connection) but do not generate log messages.

  4. Click SAVE.