waf web-cache-rule/policy

To improve performance of your back-end network and servers by reducing their traffic and processing load, you can configure FortiWeb to cache responses from your servers.

To configure the web caching, you must enable it in system feature-visibility.

Syntax

config waf web-cache-policy

edit "<server_policy_id>"

end

Variable	Description	Default
<web-cache-policy_name>	Enter the ID of the server policy that has enabled this web cache.	No default.

config waf web-cache-rule

edit "<rule-name_entry>"

set host-status {enable | disable}

set host <host_str>

set path <path_str>

set HTTP-method {get-head | get-head-options | all-methods}

set request-file-type {text | picture | media | binary | other}

set allow-return-code {allow-200 | allow-200-206 | allow-200-206-301-302}

set cache-inactive-time <cache-inactive-time_int>

set inactive-time-type {minutes | hours}

set client-cache-expire <client-cache-expire_int>

set client-cache-expire-type {minutes | hours}

set key-factor {method | protocol | host | url | arguments | cookies}

set enable-client-expire {enable | disable}

set policy-id <entry_index>

config cookie-name-list

edit <cookie-name-list_id>

set cookie-name "<cookie-name_str>"

end

config bypass-sub-url

edit "<bypass-sub-url_id>"

set HTTP-method {get | post | head | options | trace | connect | delete | put | patch | any}

set type {plain | regular}

set url-expression <url-expression_str>

set enable-bypass-args {enable | disable}

set bypass-args <bypass-args_str>

set enable-bypass-cookies {enable | disable}

set bypass-cookies <bypass-cookies_str>

set block-return-code {block-none|block-200|block-206|block-301|block-302}

end

Variable	Description	Default
"<rule-name_entry>"	Enter a 40-character string for the name, for example `e1947036-a1fa-489e-8434-c8a401a75f78`.	No default.
host-status {enable \| disable}	Enable to require that the `Host: field` of the HTTP request match a protected host names entry in order to match the web cache rule. Also configure host <host_str>.	No default.
host <host_str>	Select which protected host names entry (either a web host name or IP address) that the `Host:` field of the HTTP request must be in to match the web cache rule.	No default.
path <path_str>	Enter a path for your web pages, for example `/test`, a prefix of a set of URLs.	No default.
HTTP-method {get-head \| get-head-options \| all-methods}	Select whether to cache the response contents according to the HTTP method you use.	`get-head`
request-file-type {text \| picture \| media \| binary \| other}	Select whether to cache the response contents according to the content type.	All values
allow-return-code {allow-200 \| allow-200-206 \| allow-200-206-301-302}	Select whether to cache the response contents according to the response code.	`200`
cache-inactive-time <cache-inactive-time_int>	Specify a timeout threshold that the cache becomes invalid and needs to be refreshed. After the timeout, the cached web contents will be removed automatically.	60 minutes
inactive-time-type {minutes \| hours}	Select the time unit for the cache inactive time.	minutes
client-cache-expire <client-cache-expire_int>	Enter a period specified by max-age so that if the client requests the same contents again in the period, the client can obtain the web content from local cache directly.	10 minutes
client-cache-expire-type {minutes \| hours}	Select the time unit for the cache expiration time.	minutes
key-factor {method \| protocol \| host \| url \| arguments \| cookies}	Select the protocol variable that you want to use to generate the cache key.	All values except `cookies`.
enable-client-expire {enable \| disable}	Enable to clear the cache based on the specified period.	`disable`
policy-id <server-policy_name>	Enter the ID of the server policy that has enabled this web cache.	No default.
"<cookie-name-list_id>"	Enter the cookie name ID if you specify cookie in key-factor {method \| protocol \| host \| url \| arguments \| cookies}	No default.
cookie-name "<cookie-name_str>"	Enter a cookie name related to the ID.	No default.
"<bypass-sub-url_id>"	Enter the bypass sub URL list ID.	No default.
HTTP-method {get \| post \| head \| options \| trace \| connect \| delete \| put \| patch \| any}	Select the HTTP method in which the request sub URL is included.	any
type {plain \| regular}	Select whether the url-expression <url-expression_str> field must contain either: plain—The field is a string that the request sub URLmust match exactly. regular—The field is a regular expression that defines a set of matching sub URLs.	`plain`
url-expression <url-expression_str>	Depending on your selection in type {plain \| regular}, enter either: The literal URL, such as `/index.php`, that the HTTP request must contain in order to match the web cache rule. The URL must begin with a slash ( / ). A regular expression, such as `^/.php`, matching all and only the URLs to which the web cache rule should apply. The pattern is not* required to begin with a slash ( / ). However, it must at least match URLs that begin with a slash, such as `/index.cfm`. Note: Regular expressions beginning with an exclamation point ( `!` ) are not supported. For information on language and regular expression matching, see the FortiWeb Administration Guide: https://docs.fortinet.com/document/fortiweb	No default.
enable-bypass-args {enable \| disable}	Enable this option so that the request matches the bypass URL only when the request brings the specific arguments.	disable
bypass-args <bypass-args_str>	Enter the bypass arguments.	No default.
enable-bypass-cookies {enable \| disable}	Enable this option so that the request matches the bypass URL only when the request brings the specific cookies.	`disable`
bypass-cookies <bypass-cookies_str>	Enter the bypass arguments.	No default.
block-return-code {block-none\|block-200\|block-206\|block-301\|block-302}	Select the HTTP return code so that the request matches the bypass URL only when the request triggers one of the selected return codes.	block-none