
CLI Reference

server-policy pattern threat-weight


Use this command to configure the global threat weight of security violations. When a security violation is detected, the threat weight of the security violation is used to calculate the reputation of the device that launched the event. Access to networks and servers can be managed according to a device's reputation calculated using the total threat weight of the device.

For details about Threat Weight, see the FortiWeb Administration Guide:

http://docs.fortinet.com/fortiweb/admin-guides

To use this command, your administrator account’s access control profile must have either w or rw permission to the admingrp area. For details, see Permissions.

Syntax

config server-policy pattern threat-weight

set allow-method {off | low | med | high | crit}

set brute-force-login {off | low | med | high | crit}

set cookie-security-policy {off | low | med | high | crit}

set crit <value_int>

set csrf-protection {off | low | med | high | crit}

set custom-policy {off | low | med | high | crit}

set custom-signature {off | low | med | high | crit}

set dos-protection {off | low | med | high | crit}

set file-upload-restriction {off | low | med | high | crit}

set ftp-security {off | low | med | high | crit}

set geo-ip {off | low | med | high | crit}

set hidden-field-protection {off | low | med | high | crit}

set high <value_int>

set http-protocol-constraints {enable | disable}

set ip-list {off | low | med | high | crit}

set ip-reputaton {off | low | med | high | crit}

set low <value_int>

set med <value_int>

set padding-oracle-protection {off | low | med | high | crit}

set page-access {off | low | med | high | crit}

set parameter-validation {off | low | med | high | crit}

set signature {enable | disable}

set start-pages {off | low | med | high | crit}

set url-access {off | low | med | high | crit}

set user-tracking {off | low | med | high | crit}

set bot-deception {off | low | med | high | crit}

set biometrics-based-detection {off | low | med | high | crit}

set threshold-bot-detection {off | low | med | high | crit}

set bot-detection {off | low | med | high | crit}

set mobile-api-protection {off | low | med | high | crit}

set json-protection {off | low | med | high | crit}

set openapi-validation {off | low | med | high | crit}

set cors-protection {off | low | med | high | crit}

set site-publish {off | low | med | high | crit}

end

Variable Description Default

allow-method {off | low | med | high | crit}

Set the threat weight for HTTP request method violations.

Default: med

brute-force-login {off | low | med | high | crit}

Set the threat weight for attempted brute force logins.

Default: crit

cookie-security-policy {off | low | med | high | crit}

Set the threat weight for cookie poisoning and other cookie-based attacks.

Default: high

crit <value_int>

Set the value for a critical threat weight. The range of accepted values is 0-100. The value of higher levels must be larger than lower levels.

Default: 50

csrf-protection {off | low | med | high | crit}

Set the threat weight for cross-site request forgery attacks.

Default: high

custom-policy {off | low | med | high | crit}

Set the threat weight for custom policy violations.

Default: high

custom-signature {off | low | med | high | crit}

Set the threat weight for attack signature and data leak signatures.

Default: high

dos-protection {off | low | med | high | crit}

Set the threat weight for denial of service (DOS) attacks.

Default: high

file-upload-restriction {off | low | med | high | crit}

Set the threat weight for violations of upload restriction policies.

Default: high

geo-ip {off | low | med | high | crit}

Set the threat weight for requests from blocked countries or regions based on the associated source IP address.

Default: high

hidden-field-protection {off | low | med | high | crit}

Set the threat weight for attempts to tamper with hidden field rules.

Default: high

high <value_int>

Set the value for a high threat weight. The range of accepted values is 0-100. The value of higher levels must be larger than lower levels.

Default: 30

http-protocol-constraints {enable | disable}

Set to enable threat weights for HTTP protocol constraints. Once enabled, the threat weight for each HTTP protocol constraint may be set using waf http-protocol-parameter-restriction.

Default: enable

ip-list {off | low | med | high | crit}

Set the threat weight for requests from blacklisted IP addresses.

Default: high

ip-reputaton {off | low | med | high | crit}

Set the threat weight for requests from IP addresses with a poor reputation.

Default: crit

low <value_int>

Set the value for a low threat weight. The range of accepted values is 0-100. The value of higher levels must be larger than lower levels.

Default: 5

med <value_int>

Set the value for a medium threat weight. The range of accepted values is 0-100. The value of higher levels must be larger than lower levels.

Default: 10

padding-oracle-protection {off | low | med | high | crit}

Set the threat weight for padding oracle attacks.

Default: crit

page-access {off | low | med | high | crit}

Set the threat weight for page order rule violations.

Default: med

parameter-validation {off | low | med | high | crit}

Set the threat weight for input rule violations.

Default: high

signature {enable | disable}

Set to enable threat weights for signatures. Once enabled, the threat weight for each signature may be set using waf signature.

Default: enable

start-pages {off | low | med | high | crit}

Set the threat weight for start page rule violations.

Default: med

url-access {off | low | med | high | crit}

Set the threat weight for URL access rule violations.

Default: med

user-tracking {off | low | med | high | crit}

Set the threat weight for user tracking rule violations.

Default: med

ftp-security {off | low | med | high | crit}

Set the threat weight for ftp security rule violations.

Default: med

bot-deception {off | low | med | high | crit}

Set the threat weight for bot deception policy violations.

Default: med

biometrics-based-detection {off | low | med | high | crit}

Set the threat weight for biometrics based detection rule violations.

Default: med

threshold-bot-detection {off | low | med | high | crit}

Set the threat weight for threshold based detection rule violations.

Default: med

bot-detection {off | low | med | high | crit}

Set the threat weight for bot detection violations.

Default: med

mobile-api-protection {off | low | med | high | crit}

Set the threat weight for mobile API protection rule violations.

Default: med

json-protection {off | low | med | high | crit}

Set the threat weight for JSON protection rule violations.

Default: med

openapi-validation {off | low | med | high | crit}

Set the threat weight for OpenAPI validation.

Default: med

cors-protection {off | low | med | high | crit}

Set the threat weight for CORS protection rule violations.

Default: med

site-publish {off | low | med | high | crit}

Set the threat weight for site publish violations.

Default: med

Example

This example adjusts the threat weight of DOS attacks.

config server-policy pattern threat-weight

set dos-protection crit

end

This example disables signatures.

config server-policy pattern threat-weight

set signature disable

end

This example adjusts the risk level value of critical security violations.

config server-policy pattern threat-weight

set crit 60

end
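The following is an added example, not Fortinet code: a small Python linter for a threat-weight block that checks the header, the 0-100 range, and the rule that higher levels must be larger than lower levels, then resolves each category to its numeric weight. The function names, the subset of categories, and the treatment of `off` as a weight of 0 are assumptions made for illustration.

```python
import re

LEVELS = ("low", "med", "high", "crit")
# Defaults from this page's table (a subset of categories, to keep this short).
DEFAULT_VALUES = {"low": 5, "med": 10, "high": 30, "crit": 50}
DEFAULT_CATEGORIES = {
    "allow-method": "med", "brute-force-login": "crit", "csrf-protection": "high",
    "dos-protection": "high", "padding-oracle-protection": "crit", "url-access": "med",
}
HEADER = "config server-policy pattern threat-weight"
# Constructed sample input combining two of the page's examples.
SAMPLE = HEADER + "\n  set dos-protection crit\n  set crit 60\nend"


def parse_block(text):
    """Return {keyword: value} for the 'set' lines of one threat-weight block."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines or lines[0] != HEADER or lines[-1] != "end":
        raise ValueError("expected '%s' ... 'end'" % HEADER)
    settings = {}
    for ln in lines[1:-1]:
        m = re.fullmatch(r"set (\S+) (\S+)", ln)
        if not m:
            raise ValueError("unparsable line: %r" % ln)
        settings[m.group(1)] = m.group(2)
    return settings


def effective_weights(settings):
    """Apply settings over the defaults, validate, and map categories to numbers."""
    values, cats = dict(DEFAULT_VALUES), dict(DEFAULT_CATEGORIES)
    for key, val in settings.items():
        if key in LEVELS:
            if not re.fullmatch(r"[0-9]{1,3}", val) or int(val) > 100:
                raise ValueError("%s must be an integer in 0-100" % key)
            values[key] = int(val)
        elif key in cats:
            if val != "off" and val not in LEVELS:
                raise ValueError("bad level %r for %s" % (val, key))
            cats[key] = val
        else:
            raise ValueError("unknown keyword: %s" % key)
    if not values["low"] < values["med"] < values["high"] < values["crit"]:
        raise ValueError("levels must satisfy low < med < high < crit: %r" % values)
    # Assumption: a category set to 'off' contributes a weight of 0.
    return {c: (0 if lv == "off" else values[lv]) for c, lv in cats.items()}


if __name__ == "__main__":
    print(effective_weights(parse_block(SAMPLE)))
```

Raising `high` to 60 while `crit` stays at its default of 50 is rejected by the ordering check, which is the kind of mistake worth catching before a change is pushed to a device.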
