Fortinet white logo
Fortinet white logo

CLI Reference

wad file-filter

wad file-filter

Use this command to specify the names of directories and files that you want to exclude from anti-defacement monitoring. Alternatively, you can specify the folders and files you want FortiWeb to monitor and it will exclude any others.

To use this command, your administrator account’s access control profile must have either w or rw permission to the wadgrp area. For details, see Permissions.

Syntax

config wad file-filter

edit "<wad-file-filter_name>"

set filter-type {block-file-list | allow-file-list}

edit <entry_index>

set file-type {directory | regular-file}

set file-name "<file_str>"

next

end

Variable Description Default

"<wad-file-filter_name>"

Enter the name of the file filter you can reference in other parts of the configuration. No default.

filter-type {block-file-list | allow-file-list}

Specify the type of filter:

  • block-file-list—A list of files or folders that the anti-defacement feature does not monitor.
  • allow-file-list—A list of files or folders that the anti-defacement feature monitors. The feature ignores all other files and folders.

FortiWeb still applies criteria in the anti-defacement configuration to these items. For example, if the file size exceeds the maximum, FortiWeb does not monitor it.

No default.

<entry_index>

Enter the index number of the individual entry in the table. No default.

file-type {directory | regular-file}

Specify the type of item to add to the list:

  • directory—A folder or directory path.
  • regular-file—A file.
No default.

file-name "<file_str>"

Enter the name of the folder or file to add to the list.

Ensure that the name exactly matches the folder or file that you want to specify. If file-type {directory | regular-file} is directory, include the / (forward slash).

For example, if file-type is directory and you want to add a folder abc that is under the root folder of a website, enter /abc.

You can restrict the filter condition to a specific file by including file path information in file-name. For example, a website contains many files with the name 123.txt. To specify the instance located in the abc folder only, enter /abc/123.txt.

No default.

Example

This example creates a filter video-folder that excludes the folder /abc from anti-defacement monitoring when it is applied to an anti-defacement monitoring configuration.

config wad file-filter

edit "video-folder"

set filter-type block-file-list

edit 1

set file-type directory

set file-name "/abc"

next

end

Related topics

wad file-filter

wad file-filter

Use this command to specify the names of directories and files that you want to exclude from anti-defacement monitoring. Alternatively, you can specify the folders and files you want FortiWeb to monitor and it will exclude any others.

To use this command, your administrator account’s access control profile must have either w or rw permission to the wadgrp area. For details, see Permissions.

Syntax

config wad file-filter

edit "<wad-file-filter_name>"

set filter-type {block-file-list | allow-file-list}

edit <entry_index>

set file-type {directory | regular-file}

set file-name "<file_str>"

next

end

Variable Description Default

"<wad-file-filter_name>"

Enter the name of the file filter you can reference in other parts of the configuration. No default.

filter-type {block-file-list | allow-file-list}

Specify the type of filter:

  • block-file-list—A list of files or folders that the anti-defacement feature does not monitor.
  • allow-file-list—A list of files or folders that the anti-defacement feature monitors. The feature ignores all other files and folders.

FortiWeb still applies criteria in the anti-defacement configuration to these items. For example, if the file size exceeds the maximum, FortiWeb does not monitor it.

No default.

<entry_index>

Enter the index number of the individual entry in the table. No default.

file-type {directory | regular-file}

Specify the type of item to add to the list:

  • directory—A folder or directory path.
  • regular-file—A file.
No default.

file-name "<file_str>"

Enter the name of the folder or file to add to the list.

Ensure that the name exactly matches the folder or file that you want to specify. If file-type {directory | regular-file} is directory, include the / (forward slash).

For example, if file-type is directory and you want to add a folder abc that is under the root folder of a website, enter /abc.

You can restrict the filter condition to a specific file by including file path information in file-name. For example, a website contains many files with the name 123.txt. To specify the instance located in the abc folder only, enter /abc/123.txt.

No default.

Example

This example creates a filter video-folder that excludes the folder /abc from anti-defacement monitoring when it is applied to an anti-defacement monitoring configuration.

config wad file-filter

edit "video-folder"

set filter-type block-file-list

edit 1

set file-type directory

set file-name "/abc"

next

end

Related topics