Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.4.8
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home FortiWeb 7.4.8 Administration Guide
    7.4.8
    8.0.5
    8.0.4
    8.0.3
    8.0.2
    8.0.1
    8.0.0
    7.6.7
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.12
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.3
    6.3.23
    6.2.8
    6.1.4
    5.7.0
    5.6.1
    5.6.0
    5.6.0

    What's new

    What's new

    Enhanced Geo-IP Filtering with Allow Mode

    FortiWeb introduces an Allow Mode for Geo-IP filtering, providing greater flexibility in regional access control. Previously, Geo-IP filtering operated in a Block Mode, where users could only specify locations to block, with optional exceptions for specific IP addresses within those blocked regions. This update introduces a new approach, allowing organizations to define trusted regions while blocking all other geographic locations by default.

    Condition

    Allow Mode (new)

    Block Mode (existing behavior)
    Default behavior Deny all traffic by default Allow all traffic by default
    If traffic origin matches a listed region Allow traffic from specified regions Block traffic from specified regions
    If traffic origin does not match a listed region Block traffic from all unlisted regions Allow traffic from all unlisted regions
    If traffic origin matches both a listed region and an exception Block traffic if the IP matches an exception, even within an allowed region Allow traffic if the IP matches an exception, even within a blocked region

    This enhancement enables a more granular security model, supporting both region-based allow-listing and selective IP-based blocking within trusted regions.

    Enhanced Login Status Reporting for Advanced Bot Protection

    FortiWeb now enhances integration with the Advanced Bot Protection (ABP) server by reporting login results and additional transaction details to improve bot detection accuracy. Previously, ABP relied on client-side JavaScript for login status tracking, which was ineffective against automated login attacks using scripts or mobile apps.

    With this enhancement, FortiWeb directly reports login results for 401 Authentication and Form Authentication methods, enabling ABP to detect unauthorized login attempts more effectively. Additionally, FortiWeb transmits supplementary fields such as tracking numbers and order numbers via attack queries, providing ABP with richer context for bot identification.

    Previous
    Next

    What's new

    What's new

    Enhanced Geo-IP Filtering with Allow Mode

    FortiWeb introduces an Allow Mode for Geo-IP filtering, providing greater flexibility in regional access control. Previously, Geo-IP filtering operated in a Block Mode, where users could only specify locations to block, with optional exceptions for specific IP addresses within those blocked regions. This update introduces a new approach, allowing organizations to define trusted regions while blocking all other geographic locations by default.

    Condition

    Allow Mode (new)

    Block Mode (existing behavior)
    Default behavior Deny all traffic by default Allow all traffic by default
    If traffic origin matches a listed region Allow traffic from specified regions Block traffic from specified regions
    If traffic origin does not match a listed region Block traffic from all unlisted regions Allow traffic from all unlisted regions
    If traffic origin matches both a listed region and an exception Block traffic if the IP matches an exception, even within an allowed region Allow traffic if the IP matches an exception, even within a blocked region

    This enhancement enables a more granular security model, supporting both region-based allow-listing and selective IP-based blocking within trusted regions.

    Enhanced Login Status Reporting for Advanced Bot Protection

    FortiWeb now enhances integration with the Advanced Bot Protection (ABP) server by reporting login results and additional transaction details to improve bot detection accuracy. Previously, ABP relied on client-side JavaScript for login status tracking, which was ineffective against automated login attacks using scripts or mobile apps.

    With this enhancement, FortiWeb directly reports login results for 401 Authentication and Form Authentication methods, enabling ABP to detect unauthorized login attempts more effectively. Additionally, FortiWeb transmits supplementary fields such as tracking numbers and order numbers via attack queries, providing ABP with richer context for bot identification.

    Previous
    Next