Fortinet white logo
Fortinet white logo

CLI Reference

waf custom-access policy

waf custom-access policy

Use this command to configure custom access policies. Custom access policies group custom access rules.

To apply a custom access policy, select it within an inline protection profile or Offline Protection profile. For details, see waf web-protection-profile inline-protection or waf web-protection-profile offline-protection.

To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For details, see Permissions.

Syntax

config waf custom-access policy

edit "<custom-policy_name>"

config rule

edit <entry_index>

set rule-name "<custom-rule_name>"

set threat-weight {low | critical | informational | moderate | substantial | severe}

next

end

next

end

Variable Description Default

"<custom-policy_name>"

Enter the name of a new or existing custom policy. The maximum length is 63 characters.

To display a list of the existing policies, enter:

edit ?

No default.

<entry_index>

Enter the index number of the individual entry in the table. The valid range is 1–9,223,372,036,854,775,807. No default.

rule-name "<custom-rule_name>"

Enter the name of the existing custom access rule to add to the policy. The maximum length is 63 characters. No default.

threat-weight {low | critical | informational | moderate | substantial | severe}

Set the weight for the threat per a custom policy

moderate

Example

For an example, see waf custom-access rule.

Related topics

waf custom-access policy

waf custom-access policy

Use this command to configure custom access policies. Custom access policies group custom access rules.

To apply a custom access policy, select it within an inline protection profile or Offline Protection profile. For details, see waf web-protection-profile inline-protection or waf web-protection-profile offline-protection.

To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For details, see Permissions.

Syntax

config waf custom-access policy

edit "<custom-policy_name>"

config rule

edit <entry_index>

set rule-name "<custom-rule_name>"

set threat-weight {low | critical | informational | moderate | substantial | severe}

next

end

next

end

Variable Description Default

"<custom-policy_name>"

Enter the name of a new or existing custom policy. The maximum length is 63 characters.

To display a list of the existing policies, enter:

edit ?

No default.

<entry_index>

Enter the index number of the individual entry in the table. The valid range is 1–9,223,372,036,854,775,807. No default.

rule-name "<custom-rule_name>"

Enter the name of the existing custom access rule to add to the policy. The maximum length is 63 characters. No default.

threat-weight {low | critical | informational | moderate | substantial | severe}

Set the weight for the threat per a custom policy

moderate

Example

For an example, see waf custom-access rule.

Related topics