CLI Reference

Home FortiWeb 6.3.3 CLI Reference

6.3.3

waf custom-protection-group

Use this command to configure custom protection groups, creating sets of custom protection rules that can be used with attack signatures (“server protection rule”).

Before you can configure this command, you must first define your custom data leak and attack signatures. For details, see waf custom-protection-rule.

To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For details, see Permissions.

Syntax

config waf custom-protection-group

edit "<custom-protection group_name>"

config type-list

edit <entry_index>

set custom-protection-rule "<rule_name>"

end

Variable	Description	Default
"<custom-protection group_name>"	Enter the name of a new or existing group. The maximum length is 63 characters. To display the list of existing group, enter: `edit ?`	No default.
<entry_index>	Enter the index number of the individual entry in the table. The valid range is 1–9,999,999,999,999,999,999.	No default.
custom-protection-rule "<rule_name>"	Enter the name of the custom protection rule to associate with the custom protection group. The maximum length is 63 characters. To display a list of the existing rules, enter: `set custom-protection-rule ?`	No default.

Example

This example groups custom protection rule 1 and custom protection rule 3 together within Custom Protection group 1.

config waf custom-protection-group

edit "Custom Protection group 1"

config type-list

edit 1

set custom-protection-rule "custom protection rule 3"

edit 3

set custom-protection-rule "custom protection rule 1"

end