Fortinet black logo

User Guide

Home FortiWeb Cloud User Guide

Settings

Copy Link
Copy Doc ID a9687b55-f2f2-11ee-8c42-fa163e15d75b:539861
Download PDF

Settings

Advanced Configuration

Once this option is enabled, you are allowed to configure the following:

  • On each WAF module page, you can configure appropriate actions if the traffic violates WAF rules, such as Period Block, Alert, Alert & Deny.
  • Templates page will appear under Global tab for you to push a collection of WAF settings across multiple applications.

  • A Bypass WAF switch will appear on the Vulnerability Scan page, which allows you to check out the vulnerabilities exposed by your origin server assuming the protection from FortiWeb Cloud was off.

Audit Logs Export

Enable to export system-level events such as user login and server creation to specified log servers.

Notification Emails

FortiWeb Cloud sends notifications to your email about the information related with subscription, new features in each release, system maintenance, certificate expiration and more.

Enable Notification Emails in Global > System Settings > Settings to send notification emails to your registered email address.

API Key

FortiWeb Cloud RESTful API requires API key authorization. You can generate the API key from the GUI directly. Please note that API key creation does not restrict only to users with write permission. Read-only users can also create API key.

  1. Go to Global > System Settings > Settings .
  2. Locate API Key.
  3. Click Create.
    An API key ID and an API key secret are generated. Click the View icon to get the hidden key secret and use it for invoking APIs. You have got only one chance to view the key. The key will not be stored at the back-end server.

    4. In the API Key table, you can view the API key ID, the time when the key was created and last used, the active and inactive status.

    You can inactivate the API key in case of any key security problem, and revoke it later.

    Only one API key can be created for an account. You can delete an API key before you create a new one.

    When using this API key, just put it in the HTTP authentication header as below:
    authentication: Basic <api-key-secret>

Origin Server Lock

Lock your origin server's IP address to ensure it can only be used by your account. The Origin Server Lock prevents other accounts on FortiWeb Cloud from setting up an application targeting malicious traffic at your origin server.

The Origin Server Lock setup is only configurable through Fortinet support. Please contact the support team and provide your origin server's IP addresses. We will do the setup for you.

Fabric Connector

Connect to the Security Fabric with FortiGate version 7.0.0 or newer. For configuration instructions, see Fortinet Security Fabric.

Consumption Report

This feature is disabled by default. Enabling this feature will result in the automatic generation and delivery of monthly Consumption Reports to the email addresses entered in the Recipients box.

Consumption reports encompass usage details for all applications within the user's account, providing data on metrics like throughput and bandwidth. Consumption data for each month is generated on the 5th of the following month. For instance, data for October will be generated on November 5th.

Please refer to the table below on levels of access for different user types:

User Type

Level of Access
Organization root account Can enable or disable consumption report for itself and all tenants.
Organization user, not root account Cannot enable nor disable consumption report.
Non-OU user, excluding Tenants Can enable or disable consumption report for itself.
Tenant Cannot enable nor disable consumption report.
Previous
Next

Settings

Advanced Configuration

Once this option is enabled, you are allowed to configure the following:

  • On each WAF module page, you can configure appropriate actions if the traffic violates WAF rules, such as Period Block, Alert, Alert & Deny.
  • Templates page will appear under Global tab for you to push a collection of WAF settings across multiple applications.

  • A Bypass WAF switch will appear on the Vulnerability Scan page, which allows you to check out the vulnerabilities exposed by your origin server assuming the protection from FortiWeb Cloud was off.

Audit Logs Export

Enable to export system-level events such as user login and server creation to specified log servers.

Notification Emails

FortiWeb Cloud sends notifications to your email about the information related with subscription, new features in each release, system maintenance, certificate expiration and more.

Enable Notification Emails in Global > System Settings > Settings to send notification emails to your registered email address.

API Key

FortiWeb Cloud RESTful API requires API key authorization. You can generate the API key from the GUI directly. Please note that API key creation does not restrict only to users with write permission. Read-only users can also create API key.

  1. Go to Global > System Settings > Settings .
  2. Locate API Key.
  3. Click Create.
    An API key ID and an API key secret are generated. Click the View icon to get the hidden key secret and use it for invoking APIs. You have got only one chance to view the key. The key will not be stored at the back-end server.

    4. In the API Key table, you can view the API key ID, the time when the key was created and last used, the active and inactive status.

    You can inactivate the API key in case of any key security problem, and revoke it later.

    Only one API key can be created for an account. You can delete an API key before you create a new one.

    When using this API key, just put it in the HTTP authentication header as below:
    authentication: Basic <api-key-secret>

Origin Server Lock

Lock your origin server's IP address to ensure it can only be used by your account. The Origin Server Lock prevents other accounts on FortiWeb Cloud from setting up an application targeting malicious traffic at your origin server.

The Origin Server Lock setup is only configurable through Fortinet support. Please contact the support team and provide your origin server's IP addresses. We will do the setup for you.

Fabric Connector

Connect to the Security Fabric with FortiGate version 7.0.0 or newer. For configuration instructions, see Fortinet Security Fabric.

Consumption Report

This feature is disabled by default. Enabling this feature will result in the automatic generation and delivery of monthly Consumption Reports to the email addresses entered in the Recipients box.

Consumption reports encompass usage details for all applications within the user's account, providing data on metrics like throughput and bandwidth. Consumption data for each month is generated on the 5th of the following month. For instance, data for October will be generated on November 5th.

Please refer to the table below on levels of access for different user types:

User Type

Level of Access
Organization root account Can enable or disable consumption report for itself and all tenants.
Organization user, not root account Cannot enable nor disable consumption report.
Non-OU user, excluding Tenants Can enable or disable consumption report for itself.
Tenant Cannot enable nor disable consumption report.
Previous
Next