Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiWeb 6.2.4 CLI Reference
    6.2.4
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.23
    6.3.19
    6.3.18
    6.3.17
    6.3.16
    6.3.15
    6.3.14
    6.3.13
    6.3.11
    6.3.10
    6.3.9
    6.3.7
    6.3.6
    6.3.5
    6.3.4
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.2
    6.1.1
    5.7.0
    5.6.1
    5.6.0

    waf web-cache-policy

    waf web-cache-policy

    Use this command to configure FortiWeb to cache responses from your servers.

    Use web-cache-policy to cache only a few URLs. To cache all URLs except for a few, see waf web-cache-exception.

    To apply this policy, include it in an inline protection profile. For details, see waf web-protection-profile inline-protection.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For details, see Permissions.

    Syntax

    config waf web-cache-policy

    edit "<web-cache-policy_rule_name>"

    set cache-buffer-size <cache-size_int>

    set max-cached-page size <page-size_int>

    set default-cache-timeout <cache-timeout_int>

    set exception "<web-cache-exception_name>"

    config url-match-list

    edit <entry_index>

    set host-status {enable | disable}

    set host "<host_str>"

    set url-type {plain | regular}

    set url-pattern "<url-pattern_str>"

    end

    next

    end

    Variable Description Default

    "<web-cache-policy_rule_name>"

    Enter the name of a new or existing rule. The maximum length is 63 characters.

    To display the list of existing policies, enter:

    edit ?

    		No default.

    cache-buffer-size <cache-size_int>

    Specify the maximum amount of RAM to allocate to caching content, in MB (megabytes).

    You cannot store cached content on FortiWeb’s hard disk.

    The FortiWeb model determines the valid range of values:

    • FortiWeb 400C, FortiWeb-VM (2-4 GB RAM): 1–100 MB
    • FortiWeb 1000C, FortiWeb-VM (4-8 GB RAM): 1–200 MB
    • FortiWeb 3000C, FortiWeb 3000C/CFsx, FortiWeb-VM (8–16 GB RAM): 1–400 MB
    • FortiWeb 4000C: 1–600 MB
    • FortiWeb 1000D: 1–800 MB
    • FortiWeb 1000E: 1–800 MB
    • FortiWeb-VM (16+ GB RAM): 1–1,024 MB
    • FortiWeb 3000D/DFsx: 1–1,200 MB
    • FortiWeb 4000D: 1–2,048 MB

    If administrative domains (ADOMs) are enabled, the maximums apply to the total RAM allotted to all ADOMs. For example, a FortiWeb 1000D has two ADOMs. If the cache-buffer-size value for the first ADOM is 600, the valid range for cache-buffer-size for the second ADOM is 1–200.

    Tip: For improved performance, adjust this setting until it is as small as possible yet FortiWeb can still fit most graphics and server processing-intensive pages into its cache. This allows FortiWeb to allocate more RAM to other features that also affect throughput, such as scanning for attacks.

    		 100

    max-cached-page size <page-size_int>

    Specify the maximum size of each URL that FortiWeb caches, in kilobytes (KB). FortiWeb does not cache objects such as high-resolution images, movies, or music that are larger than this value.

    The valid range is 1–10,240.

    Tip: For improved performance, adjust this setting until FortiWeb can fit most graphics and server processing-intensive pages into its cache.

    		 2048

    default-cache-timeout <cache-timeout_int>

    Specify the time to live for each entry in the cache. FortiWeb removes expired entries.

    Valid range is 0–7,200.

    When it receives a subsequent request for the URL, FortiWeb forwards the request to the server and refreshes the cached response. Any additional requests receive the new cached response until the URL’s cache timeout expires.

    		 1440

    exception "<web-cache-exception_name>"

    Specify the name of a list of exceptions.

    For details, see waf web-cache-exception.

    		 No default.

    <entry_index>

    Enter the index number of the individual entry in the table. The valid range is 1–9,999,999,999,999,999,999.

    		 No default.

    host-status {enable | disable}

    Specify enable to require that the Host: field of the HTTP request match a protected host names entry in order to match the policy. Also specify a value for host "<host_str>".

    		 disable

    host "<host_str>"

    Specify which protected host names entry (either a web host name or IP address) that the Host: field of the HTTP request must be in to match the policy.

    This option is available only if the value of host-status {enable | disable} is enabled.

    		 No default.

    url-type {plain | regular}

    Specify the type of value that is used for url-pattern "<url-pattern_str>":

    plain—A literal URL.

    regular—A regular expression designed to match multiple URLs.

    		 plain

    url-pattern "<url-pattern_str>"

    If the value of url-type {plain | regular} is plain, specify the literal URL, such as /index.php, that the HTTP request must contain in order to match the rule. The URL must begin with a slash ( / ).

    If the value of url-type is regular, specify a regular expression, such as ^/*.php, that matches all and only the URLs that the rule applies to. The pattern does not require a slash ( / ); however, it must match URLs that begin with a slash, such as /index.cfm.

    Do not include the domain name, such as www.example.com, which is specified by host "<host_str>".

    		 No default.

    Related topics

    Previous
    Next

    waf web-cache-policy

    waf web-cache-policy

    Use this command to configure FortiWeb to cache responses from your servers.

    Use web-cache-policy to cache only a few URLs. To cache all URLs except for a few, see waf web-cache-exception.

    To apply this policy, include it in an inline protection profile. For details, see waf web-protection-profile inline-protection.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For details, see Permissions.

    Syntax

    config waf web-cache-policy

    edit "<web-cache-policy_rule_name>"

    set cache-buffer-size <cache-size_int>

    set max-cached-page size <page-size_int>

    set default-cache-timeout <cache-timeout_int>

    set exception "<web-cache-exception_name>"

    config url-match-list

    edit <entry_index>

    set host-status {enable | disable}

    set host "<host_str>"

    set url-type {plain | regular}

    set url-pattern "<url-pattern_str>"

    end

    next

    end

    Variable Description Default

    "<web-cache-policy_rule_name>"

    Enter the name of a new or existing rule. The maximum length is 63 characters.

    To display the list of existing policies, enter:

    edit ?

    		No default.

    cache-buffer-size <cache-size_int>

    Specify the maximum amount of RAM to allocate to caching content, in MB (megabytes).

    You cannot store cached content on FortiWeb’s hard disk.

    The FortiWeb model determines the valid range of values:

    • FortiWeb 400C, FortiWeb-VM (2-4 GB RAM): 1–100 MB
    • FortiWeb 1000C, FortiWeb-VM (4-8 GB RAM): 1–200 MB
    • FortiWeb 3000C, FortiWeb 3000C/CFsx, FortiWeb-VM (8–16 GB RAM): 1–400 MB
    • FortiWeb 4000C: 1–600 MB
    • FortiWeb 1000D: 1–800 MB
    • FortiWeb 1000E: 1–800 MB
    • FortiWeb-VM (16+ GB RAM): 1–1,024 MB
    • FortiWeb 3000D/DFsx: 1–1,200 MB
    • FortiWeb 4000D: 1–2,048 MB

    If administrative domains (ADOMs) are enabled, the maximums apply to the total RAM allotted to all ADOMs. For example, a FortiWeb 1000D has two ADOMs. If the cache-buffer-size value for the first ADOM is 600, the valid range for cache-buffer-size for the second ADOM is 1–200.

    Tip: For improved performance, adjust this setting until it is as small as possible yet FortiWeb can still fit most graphics and server processing-intensive pages into its cache. This allows FortiWeb to allocate more RAM to other features that also affect throughput, such as scanning for attacks.

    		 100

    max-cached-page size <page-size_int>

    Specify the maximum size of each URL that FortiWeb caches, in kilobytes (KB). FortiWeb does not cache objects such as high-resolution images, movies, or music that are larger than this value.

    The valid range is 1–10,240.

    Tip: For improved performance, adjust this setting until FortiWeb can fit most graphics and server processing-intensive pages into its cache.

    		 2048

    default-cache-timeout <cache-timeout_int>

    Specify the time to live for each entry in the cache. FortiWeb removes expired entries.

    Valid range is 0–7,200.

    When it receives a subsequent request for the URL, FortiWeb forwards the request to the server and refreshes the cached response. Any additional requests receive the new cached response until the URL’s cache timeout expires.

    		 1440

    exception "<web-cache-exception_name>"

    Specify the name of a list of exceptions.

    For details, see waf web-cache-exception.

    		 No default.

    <entry_index>

    Enter the index number of the individual entry in the table. The valid range is 1–9,999,999,999,999,999,999.

    		 No default.

    host-status {enable | disable}

    Specify enable to require that the Host: field of the HTTP request match a protected host names entry in order to match the policy. Also specify a value for host "<host_str>".

    		 disable

    host "<host_str>"

    Specify which protected host names entry (either a web host name or IP address) that the Host: field of the HTTP request must be in to match the policy.

    This option is available only if the value of host-status {enable | disable} is enabled.

    		 No default.

    url-type {plain | regular}

    Specify the type of value that is used for url-pattern "<url-pattern_str>":

    plain—A literal URL.

    regular—A regular expression designed to match multiple URLs.

    		 plain

    url-pattern "<url-pattern_str>"

    If the value of url-type {plain | regular} is plain, specify the literal URL, such as /index.php, that the HTTP request must contain in order to match the rule. The URL must begin with a slash ( / ).

    If the value of url-type is regular, specify a regular expression, such as ^/*.php, that matches all and only the URLs that the rule applies to. The pattern does not require a slash ( / ); however, it must match URLs that begin with a slash, such as /index.cfm.

    Do not include the domain name, such as www.example.com, which is specified by host "<host_str>".

    		 No default.

    Related topics

    Previous
    Next