Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiWeb 7.2.4 CLI Reference
    7.2.4
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.23
    6.3.19
    6.3.18
    6.3.17
    6.3.16
    6.3.15
    6.3.14
    6.3.13
    6.3.11
    6.3.10
    6.3.9
    6.3.7
    6.3.6
    6.3.5
    6.3.4
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.2
    6.1.1
    5.7.0
    5.6.1
    5.6.0

    system antivirus

    system antivirus

    Use this command to configure system-wide FortiGuard Antivirus scan settings.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

    Syntax

    config system antivirus

    set default-db {basic | extended}

    set scan-bzip2 {enable | disable}

    set uncomp-size-limit <limit_int>

    set uncomp-nest-limit <limit_int>

    set use-fsa {enable | disable}

    end


    Variable Description Default

    default-db {basic | extended}

    Select which of the antivirus signature databases to use when scanning HTTP POST requests for viruses, either:

    • basic—Select to use only the signatures of viruses and greyware that have been detected by FortiGuard’s networks to be recently spreading in the wild.
    • extended—Select to use all signatures, regardless of whether the viruses or greyware are currently spreading.
    		 basic

    scan-bzip2 {enable | disable}

    Enable to scan archives that are compressed using the BZIP2 algorithm.

    Tip: Scanning BZIP2 archives can be very CPU-intensive. To improve performance, block the BZIP2 file type, then disable this option.

    		 enable

    uncomp-size-limit <limit_int>

    Type the maximum size in kilobytes (KB) of the memory buffer that FortiWeb will use to temporarily undo the compression that a client or web server has applied to traffic, in order to inspect and/or modify it. For details, see waf file-uncompress-rule.

    Caution: Unless you configure otherwise, compressed requests that are too large for this buffer will pass through FortiWeb without scanning or rewriting. This could allow malware to reach your web servers, and cause HTTP body rewriting to fail. If you prefer to block requests greater than this buffer size, configure waf HTTP-protocol-parameter-restriction. To be sure that it will not disrupt normal traffic, first configure action to be alert. If no problems occur, switch it to alert_deny.

    The maximum acceptable values are:

    102400 KB: FortiWeb 100D, 100E, 400C, 400D, 400E, 600D, 600E, 1000C, 3000CFsx, 4000C

    204800 KB: FortiWeb 1000D, 2000D, 3000D, 3000DFsx, 4000D, 1000E, 2000E, 3010E, 1000F, 2000F

    358400 KB: FortiWeb 3000E, 4000E, 3000F, 4000F

    		 5000

    uncomp-nest-limit <limit_int>

    		 Type the maximum number of allowed levels of compression (“nesting”) that FortiWeb will attempt to decompress. 12

    use-fsa {enable | disable}

    		 Enable to use the Signature Database from FortiSandbox to supplement the AV Signature Database. If enabled, FortiWeb will download the malware package from FortiSandbox's Signature Database every minute. disable
    Previous
    Next

    system antivirus

    system antivirus

    Use this command to configure system-wide FortiGuard Antivirus scan settings.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

    Syntax

    config system antivirus

    set default-db {basic | extended}

    set scan-bzip2 {enable | disable}

    set uncomp-size-limit <limit_int>

    set uncomp-nest-limit <limit_int>

    set use-fsa {enable | disable}

    end


    Variable Description Default

    default-db {basic | extended}

    Select which of the antivirus signature databases to use when scanning HTTP POST requests for viruses, either:

    • basic—Select to use only the signatures of viruses and greyware that have been detected by FortiGuard’s networks to be recently spreading in the wild.
    • extended—Select to use all signatures, regardless of whether the viruses or greyware are currently spreading.
    		 basic

    scan-bzip2 {enable | disable}

    Enable to scan archives that are compressed using the BZIP2 algorithm.

    Tip: Scanning BZIP2 archives can be very CPU-intensive. To improve performance, block the BZIP2 file type, then disable this option.

    		 enable

    uncomp-size-limit <limit_int>

    Type the maximum size in kilobytes (KB) of the memory buffer that FortiWeb will use to temporarily undo the compression that a client or web server has applied to traffic, in order to inspect and/or modify it. For details, see waf file-uncompress-rule.

    Caution: Unless you configure otherwise, compressed requests that are too large for this buffer will pass through FortiWeb without scanning or rewriting. This could allow malware to reach your web servers, and cause HTTP body rewriting to fail. If you prefer to block requests greater than this buffer size, configure waf HTTP-protocol-parameter-restriction. To be sure that it will not disrupt normal traffic, first configure action to be alert. If no problems occur, switch it to alert_deny.

    The maximum acceptable values are:

    102400 KB: FortiWeb 100D, 100E, 400C, 400D, 400E, 600D, 600E, 1000C, 3000CFsx, 4000C

    204800 KB: FortiWeb 1000D, 2000D, 3000D, 3000DFsx, 4000D, 1000E, 2000E, 3010E, 1000F, 2000F

    358400 KB: FortiWeb 3000E, 4000E, 3000F, 4000F

    		 5000

    uncomp-nest-limit <limit_int>

    		 Type the maximum number of allowed levels of compression (“nesting”) that FortiWeb will attempt to decompress. 12

    use-fsa {enable | disable}

    		 Enable to use the Signature Database from FortiSandbox to supplement the AV Signature Database. If enabled, FortiWeb will download the malware package from FortiSandbox's Signature Database every minute. disable
    Previous
    Next