Fortinet black logo

CLI Reference

config security waf advanced-protection

config security waf advanced-protection

Use this command to configure a security waf advanced-protection profile.

Syntax

config security waf profile

edit<name>

set advanced-protection <profile name>

end

config security waf advanced-protection

edit <name>

config advanced-protection-rule

end

end

config advanced-protection-rule

edit<ID>

set type content-scraping

set content-type <file-type-list>

set occurrence-limit <integer>

set occurrence-within <integer>

set percentage-match <integer>

set action <string>

set block-period <integer>

set severity [ high | medium | low ]

end

content-type Text/html, text/plain, text/xml, application/xml, application/soap+xml, application/json.
occurrence-limit Between 1 and 100000.
occurrence-within Between 1 and 600 seconds.
percentage-match Between 0 and 100. 0 means this condition is not needed.
action String. WAF action profile.
block-period Between 1 and 3600 seconds.

severity

  • High
  • Medium
  • Low

Example

config security waf advanced-protection

edit "1"

config advanced-protection-rule

edit 1

set content-type text/html

set occurrence-limit 1

set occurrence-within 1

set percentage-match 1

set action alert

next

end

next

end

config security waf advanced-protection

config security waf advanced-protection

Use this command to configure a security waf advanced-protection profile.

Syntax

config security waf profile

edit<name>

set advanced-protection <profile name>

end

config security waf advanced-protection

edit <name>

config advanced-protection-rule

end

end

config advanced-protection-rule

edit<ID>

set type content-scraping

set content-type <file-type-list>

set occurrence-limit <integer>

set occurrence-within <integer>

set percentage-match <integer>

set action <string>

set block-period <integer>

set severity [ high | medium | low ]

end

content-type Text/html, text/plain, text/xml, application/xml, application/soap+xml, application/json.
occurrence-limit Between 1 and 100000.
occurrence-within Between 1 and 600 seconds.
percentage-match Between 0 and 100. 0 means this condition is not needed.
action String. WAF action profile.
block-period Between 1 and 3600 seconds.

severity

  • High
  • Medium
  • Low

Example

config security waf advanced-protection

edit "1"

config advanced-protection-rule

edit 1

set content-type text/html

set occurrence-limit 1

set occurrence-within 1

set percentage-match 1

set action alert

next

end

next

end