waf custom-protection-group
Use this command to configure custom protection groups, creating sets of custom protection rules that can be used with attack signatures (“server protection rule”).
Before you can configure this command, you must first define your custom data leak and attack signatures. For details, see waf custom-protection-rule.
To use this command, your administrator account’s access control profile must have either w
or rw
permission to the wafgrp
area. For details, see Permissions.
Syntax
config waf custom-protection-group
edit "<custom-protection group_name>"
set max-alert-interval <integer>
config type-list
edit <entry_index>
set custom-protection-rule "<rule_name>"
next
end
next
end
Variable | Description | Default |
Enter the name of a new or existing group. The maximum length is 63 characters. To display the list of existing group, enter:
|
No default. | |
Specify the alert interval to avoid attack logs flooding. When signature violations occur continuously, FortiWeb generates the next attack log only when it reaches the alert interval. Setting the value to 0 means there will not be interval limit for the signature traffic logs. This applies at the signature group level. The valid range is 0-300 seconds. |
0 |
|
Enter the index number of the individual entry in the table. The valid range is 1–9,999,999,999,999,999,999. | No default. | |
Enter the name of the custom protection rule to associate with the custom protection group. The maximum length is 63 characters. To display a list of the existing rules, enter:
|
No default. |
Example
This example groups custom protection rule 1 and custom protection rule 3 together within Custom Protection group 1.
config waf custom-protection-group
edit "Custom Protection group 1"
config type-list
edit 1
set custom-protection-rule "custom protection rule 3"
next
edit 3
set custom-protection-rule "custom protection rule 1"
next
end
next
end