Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Caching

To improve performance of your back-end network and servers by reducing their traffic and processing load, you can configure FortiWeb to cache responses from your servers.

Normally, FortiWeb forwards all allowed requests to your servers. This results in a 1:1 ratio of client-side to server-side traffic. When content caching is enabled, however, FortiWeb will forward only requests for content that:

When many requests are for cached content, the ratio of traffic changes to n:1.

Content caching provides the greatest benefit for things that rarely change, such as icons, background images, movies, PDFs, and static HTML.

To configure the web caching, you must enable it by going to System > Config > Feature Visibility.

When you create or edit an HTTP server policy in Policy > Server Policy and enable Web Cache, a web cache policy will be automatically created in Application Delivery > Caching. While if you delete the web cache enabled HTTP server policy, or disable Web Cache in the HTTP server policy, the related web cache policy will be removed automatically. The web cache policy includes no rules, and you need to configure the web cache rules for the policy.

To configure web content caching
  1. Go to Application Delivery > Caching.
  2. Click to select the web cache policy that you want to configure the rule for.
  3. Click Edit.
    On Edit Web Cache Policy page, you can view the following information:
    • The policy name that quotes the web cache policy;
    • The statistics on the hit count in the last 24 hours;
    • The web cache status: Caching and Clearing the cache; when it is Clearing the cache status, page content will not be cached until all cache data is successfully cleared; and the status will return to "Caching".
  4. Click Create New to configure web content caching rule.
    When multiple web cache rules are defined in a web cache policy, and an HTTP request matches a specific web cache rule, FortiWeb will take actions according to the web cache rule settings.
  5. Configure these settings:

    Global Settings

    Host Status

    Enable to require that the Host: field of the HTTP request match a protected host names entry in order to match the rule. Also configure Host.

    Host

    Select which protected host names entry (either a web host name or IP address) that the Host: field of the HTTP request must be in to match the policy.

    This option is available only when Host Status is enabled.

    Path

    Enter a path for your web pages, for example /test, a prefix of a set of URLs.

    HTTP Method

    Select whether to cache the response contents according to the HTTP method you use.

    • GET, HEAD (Recommended)
    • GET, HEAD, OPTIONS
    • GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE

    Return Code

    Select whether to cache the response contents according to the response code.

    • 200 (Recommended)
    • 200, 206
    • 200, 206, 301, 302

    Cache File Type

    Select whether to cache the response contents according to the content type.

    • Text
    • Picture
    • Media
    • Binary
    • Other

    Key Generation Factor

    Select the protocol variable that you want to use to generate the cache key.

    • Method, such as GET, POST, HEAD, etc.
    • Protocol, the string can be either “http://” or “https://”;
    • Host
    • URL
    • Arguments, for example in request http://host.com/test.php?a=1&b=2
      , the Arguments string is “a=1&b=2”.
    • CookiesOnce you have created a web cache rule, you can edit the rule to indicate cookies in HTTP requests and append them to the key string to generate the cache key.

    Validity Settings

    Cache Inactive After

    Specify a timeout threshold that the cache becomes invalid and needs to be refreshed. After the timeout, the cached web contents will be removed automatically.

    Force Client Cache Refresh

    Enable to clear the cache based on the specified period.

    Client Cache Refresh After

    Enter a period specified by max-age so that if the client requests the same contents again in the period, the client can obtain the web content from local cache directly.

  6. Click OK.
  7. In Bypass Sub URL, you can configure the URLs not to be cached.
    Click Create New.
  8. Configure these settings.

    HTTP Method

    Select the HTTP method in which the request URL is included.

    URL Type

    Select whether the URL Expression field must contain either:

    • Simple String—The field is a string that the request sub URLmust match exactly.
    • Regular Expression—The field is a regular expression that defines a set of matching sub URLs.

    URL Expression

    Depending on your selection in URL Type, enter either:

    • Simple String—Enter a literal sub URL, such as /exp that the HTTP request must contain in order to match the rule, or use wildcards to match multiple sub URLs, such as /exp/* or /exp/*/index.htm. The sub URL must begin with a slash ( / ).
    • Regular Expression—A regular expression, such as ^/*.php, matching the sub URLs to which the rule should apply. The pattern does not require a slash ( / ), but it must match sub URLs that begin with a slash, such as /index.cfm.

    To test a regular expression, click the >> (test) icon. This icon opens the Regular Expression Validator window from which you can fine-tune the expression. For details, see Regular expression syntax.

    Bypass Arguments

    Enable this option and enter the argument name so that the request matches the bypass URL only when the request brings the specific arguments.

    Bypass Cookies

    Enable this option and enter the cookie name so that the request matches the bypass URL only when the request brings the specific cookies.

  9. Click OK.
    You can continue creating multiple bypass sub URL lists.
See also

Caching

To improve performance of your back-end network and servers by reducing their traffic and processing load, you can configure FortiWeb to cache responses from your servers.

Normally, FortiWeb forwards all allowed requests to your servers. This results in a 1:1 ratio of client-side to server-side traffic. When content caching is enabled, however, FortiWeb will forward only requests for content that:

When many requests are for cached content, the ratio of traffic changes to n:1.

Content caching provides the greatest benefit for things that rarely change, such as icons, background images, movies, PDFs, and static HTML.

To configure the web caching, you must enable it by going to System > Config > Feature Visibility.

When you create or edit an HTTP server policy in Policy > Server Policy and enable Web Cache, a web cache policy will be automatically created in Application Delivery > Caching. While if you delete the web cache enabled HTTP server policy, or disable Web Cache in the HTTP server policy, the related web cache policy will be removed automatically. The web cache policy includes no rules, and you need to configure the web cache rules for the policy.

To configure web content caching
  1. Go to Application Delivery > Caching.
  2. Click to select the web cache policy that you want to configure the rule for.
  3. Click Edit.
    On Edit Web Cache Policy page, you can view the following information:
    • The policy name that quotes the web cache policy;
    • The statistics on the hit count in the last 24 hours;
    • The web cache status: Caching and Clearing the cache; when it is Clearing the cache status, page content will not be cached until all cache data is successfully cleared; and the status will return to "Caching".
  4. Click Create New to configure web content caching rule.
    When multiple web cache rules are defined in a web cache policy, and an HTTP request matches a specific web cache rule, FortiWeb will take actions according to the web cache rule settings.
  5. Configure these settings:

    Global Settings

    Host Status

    Enable to require that the Host: field of the HTTP request match a protected host names entry in order to match the rule. Also configure Host.

    Host

    Select which protected host names entry (either a web host name or IP address) that the Host: field of the HTTP request must be in to match the policy.

    This option is available only when Host Status is enabled.

    Path

    Enter a path for your web pages, for example /test, a prefix of a set of URLs.

    HTTP Method

    Select whether to cache the response contents according to the HTTP method you use.

    • GET, HEAD (Recommended)
    • GET, HEAD, OPTIONS
    • GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE

    Return Code

    Select whether to cache the response contents according to the response code.

    • 200 (Recommended)
    • 200, 206
    • 200, 206, 301, 302

    Cache File Type

    Select whether to cache the response contents according to the content type.

    • Text
    • Picture
    • Media
    • Binary
    • Other

    Key Generation Factor

    Select the protocol variable that you want to use to generate the cache key.

    • Method, such as GET, POST, HEAD, etc.
    • Protocol, the string can be either “http://” or “https://”;
    • Host
    • URL
    • Arguments, for example in request http://host.com/test.php?a=1&b=2
      , the Arguments string is “a=1&b=2”.
    • CookiesOnce you have created a web cache rule, you can edit the rule to indicate cookies in HTTP requests and append them to the key string to generate the cache key.

    Validity Settings

    Cache Inactive After

    Specify a timeout threshold that the cache becomes invalid and needs to be refreshed. After the timeout, the cached web contents will be removed automatically.

    Force Client Cache Refresh

    Enable to clear the cache based on the specified period.

    Client Cache Refresh After

    Enter a period specified by max-age so that if the client requests the same contents again in the period, the client can obtain the web content from local cache directly.

  6. Click OK.
  7. In Bypass Sub URL, you can configure the URLs not to be cached.
    Click Create New.
  8. Configure these settings.

    HTTP Method

    Select the HTTP method in which the request URL is included.

    URL Type

    Select whether the URL Expression field must contain either:

    • Simple String—The field is a string that the request sub URLmust match exactly.
    • Regular Expression—The field is a regular expression that defines a set of matching sub URLs.

    URL Expression

    Depending on your selection in URL Type, enter either:

    • Simple String—Enter a literal sub URL, such as /exp that the HTTP request must contain in order to match the rule, or use wildcards to match multiple sub URLs, such as /exp/* or /exp/*/index.htm. The sub URL must begin with a slash ( / ).
    • Regular Expression—A regular expression, such as ^/*.php, matching the sub URLs to which the rule should apply. The pattern does not require a slash ( / ), but it must match sub URLs that begin with a slash, such as /index.cfm.

    To test a regular expression, click the >> (test) icon. This icon opens the Regular Expression Validator window from which you can fine-tune the expression. For details, see Regular expression syntax.

    Bypass Arguments

    Enable this option and enter the argument name so that the request matches the bypass URL only when the request brings the specific arguments.

    Bypass Cookies

    Enable this option and enter the cookie name so that the request matches the bypass URL only when the request brings the specific cookies.

  9. Click OK.
    You can continue creating multiple bypass sub URL lists.
See also