Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiWeb 6.1.2 CLI Reference
    6.1.2
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.23
    6.3.19
    6.3.18
    6.3.17
    6.3.16
    6.3.15
    6.3.14
    6.3.13
    6.3.11
    6.3.10
    6.3.9
    6.3.7
    6.3.6
    6.3.5
    6.3.4
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.2
    6.1.1
    5.7.0
    5.6.1
    5.6.0

    waf web-cache-exception

    waf web-cache-exception

    Use this command to configure FortiWeb to cache responses from your servers.

    Use web-cache-exception to cache all URLs except for a few. To cache only a few URLs, see waf web-cache-policy.

    To apply this policy, include it in an inline protection profile. For details, see waf web-protection-profile inline-protection.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For details, see Permissions.

    Syntax

    config waf web-cache-exception

    edit "<web-cache-exception_rule_name>"

    config exception-list

    edit <entry_index>

    set host-status {enable | disable}

    set host "<host_str>"

    set url-type {plain | regular}

    set url-patten "<url-pattern_str>"

    set cookie-name "<cookie-name_str>"

    end

    next

    end

    Variable Description Default

    "<web-cache-exception_rule_name>"

    Enter the name of a new or existing rule. The maximum length is 63 characters.

    To display the list of existing policies, enter:

    edit ?

    		No default.

    <entry_index>

    Enter the index number of the individual entry in the table. The valid range is 1–9,999,999,999,999,999,999.

    		 No default.

    host-status {enable | disable}

    Specify enable to require that the Host: field of the HTTP request match a protected host names entry in order to match the exception. Also specify a value for host.

    		 disable

    host "<host_str>"

    Specify which protected host names entry (either a web host name or IP address) that the Host: field of the HTTP request must be in to match the exception.

    Maximum length is 256 characters.

    This option is available only if the value of host-status {enable | disable} is enabled.

    		 No default.

    url-type {plain | regular}

    Specify the type of value that is used for url-patten "<url-pattern_str>":

    • plain—A literal URL.
    • regular — A regular expression designed to match multiple URLs.
    		 plain

    url-patten "<url-pattern_str>"

    If the value of url-type {plain | regular} is plain, specify the literal URL, such as /index.php, that the HTTP request must contain in order to match the rule. The URL must begin with a slash ( / ).

    If the value of url-type is regular, specify a regular expression, such as ^/*.php, that matches all and only the URLs that the rule applies to. The pattern does not require a slash ( / ); however, it must match URLs that begin with a slash, such as /index.cfm.

    Do not include the domain name, such as www.example.com, which is specified by host.

    Maximum length is 256 characters.

    Tip: Generally, URLs that require autolearning adapters do not work well with caching either. Do not cache dynamic URLs that contain variables such as user names (e.g. older versions of Microsoft OWA) or volatile data such as parameters. Because FortiWeb is unlikely to receive identical subsequent requests for them, dynamic URLs can rapidly consume cache without improving performance.

    		No default.

    cookie-name "<cookie-name_str>"

    Specify the name of the cookie, such as sessionid, as it appears in the Cookie: HTTP header.

    Maximum length is 127 characters.

    Tip: Content that is unique to a user, such as personalized pages that appear after a person has logged in, usually should not be cached. If the web application’s authentication is cookie-based, configure this setting with the name of the authentication cookie. Otherwise, if it is parameter-based, configure the exception with a URL pattern that matches the authentication ID parameter.

    		 No default.

    Related topics

    Previous
    Next

    waf web-cache-exception

    waf web-cache-exception

    Use this command to configure FortiWeb to cache responses from your servers.

    Use web-cache-exception to cache all URLs except for a few. To cache only a few URLs, see waf web-cache-policy.

    To apply this policy, include it in an inline protection profile. For details, see waf web-protection-profile inline-protection.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For details, see Permissions.

    Syntax

    config waf web-cache-exception

    edit "<web-cache-exception_rule_name>"

    config exception-list

    edit <entry_index>

    set host-status {enable | disable}

    set host "<host_str>"

    set url-type {plain | regular}

    set url-patten "<url-pattern_str>"

    set cookie-name "<cookie-name_str>"

    end

    next

    end

    Variable Description Default

    "<web-cache-exception_rule_name>"

    Enter the name of a new or existing rule. The maximum length is 63 characters.

    To display the list of existing policies, enter:

    edit ?

    		No default.

    <entry_index>

    Enter the index number of the individual entry in the table. The valid range is 1–9,999,999,999,999,999,999.

    		 No default.

    host-status {enable | disable}

    Specify enable to require that the Host: field of the HTTP request match a protected host names entry in order to match the exception. Also specify a value for host.

    		 disable

    host "<host_str>"

    Specify which protected host names entry (either a web host name or IP address) that the Host: field of the HTTP request must be in to match the exception.

    Maximum length is 256 characters.

    This option is available only if the value of host-status {enable | disable} is enabled.

    		 No default.

    url-type {plain | regular}

    Specify the type of value that is used for url-patten "<url-pattern_str>":

    • plain—A literal URL.
    • regular — A regular expression designed to match multiple URLs.
    		 plain

    url-patten "<url-pattern_str>"

    If the value of url-type {plain | regular} is plain, specify the literal URL, such as /index.php, that the HTTP request must contain in order to match the rule. The URL must begin with a slash ( / ).

    If the value of url-type is regular, specify a regular expression, such as ^/*.php, that matches all and only the URLs that the rule applies to. The pattern does not require a slash ( / ); however, it must match URLs that begin with a slash, such as /index.cfm.

    Do not include the domain name, such as www.example.com, which is specified by host.

    Maximum length is 256 characters.

    Tip: Generally, URLs that require autolearning adapters do not work well with caching either. Do not cache dynamic URLs that contain variables such as user names (e.g. older versions of Microsoft OWA) or volatile data such as parameters. Because FortiWeb is unlikely to receive identical subsequent requests for them, dynamic URLs can rapidly consume cache without improving performance.

    		No default.

    cookie-name "<cookie-name_str>"

    Specify the name of the cookie, such as sessionid, as it appears in the Cookie: HTTP header.

    Maximum length is 127 characters.

    Tip: Content that is unique to a user, such as personalized pages that appear after a person has logged in, usually should not be cached. If the web application’s authentication is cookie-based, configure this setting with the name of the authentication cookie. Otherwise, if it is parameter-based, configure the exception with a URL pattern that matches the authentication ID parameter.

    		 No default.

    Related topics

    Previous
    Next