Configuring WAF Action objects
Configure what action FortiADC should take when it meets the WAF conditions.
Before you begin:
- You must have Read-Write permission for Security settings.
After you have created an action object, you can specify it in individual WAF feature rules.
To configure a WAF Action object:
1. Go to Web Application Firewall > WAF Profile.
2. Click the Action tab.
3. Click Create New to display the configuration editor.
4. Complete the configuration of WAF Action objects.
5. Save the configuration.
Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.
After you initially save the configuration, you cannot edit the name.
Select which action FortiADC takes when the conditions are fulfilled for WAF:
Pass—Allow the request.
Deny—Block the request.
Period Block—Deny all the HTTP requests from a source IP within a period which specified by Period Block.
Redirect—Send a redirect. You must specify the redirect URL.
Captcha—Requires the client to successfully fulfill the CAPTCHA request.
Specify the HTTP response code, Default: 403.
200, 202, 204, 205, 400, 403, 404, 406, 408, 410, 500, 501, 502, 503, 504
Note: This option is only available when the action type is Deny or Period Block.
1-3600 seconds; Default: 60.
Note: This option is only available when the action type is Period Block.
Specify the URL that you want to redirect.
Note: This option is only available when the action type is Redirect.
|Log Status||Enable/Disable log of events|
|Comment||Enter comment or description of the action for your records.|