Configuring web service settings
You want to prevent the FortiVoice system from being overloaded with external connections by setting limits for concurrent connections, active admin portal and REST API sessions, and repeated offender requests.
To enable the REST API support
To allow the FortiVoice system to use REST APIs, you must enable the feature. By default, this feature is disabled on the FortiVoice system. To enable it, use the following CLI commands: config system global set rest-api enable end For details about accessing the CLI console, see Using the CLI Console. For more details about REST APIs, see the FortiVoice Phone System REST API Reference Guide. |
To view and configure the web service settings
- Go to Security > Rate Limit > Web Service.
- Configure the following:
GUI field
Description
Rate Control
If you use zero (0) as a value, it means that there is no limit.
The ranges and default values vary depending on the FortiVoice model.
Maximum Concurrent Request
Total
Specifies the total maximum number of simultaneous connections to the FortiVoice system that the FortiVoice built-in web server allows to process.
Per IP
Specifies the total maximum number of simultaneous connections to the FortiVoice system from an IP address that you allow FortiVoice to process.
If you want to exempt IP addresses from the concurrent connection, click Exempt IP and add those IP addresses.
Admin
Specifies the total maximum number of simultaneous HTTP connections to the admin portal that you allow FortiVoice to process.
User Portal
Specifies the total maximum number of simultaneous HTTP connections to the user portal that you allow FortiVoice to process.
REST API
Specifies the maximum number of simultaneous RESTful connections that you allow FortiVoice to process.
This field is visible when you enable the REST API support. For details, see To enable the REST API support.
Maximum Active Session
Admin
Specifies the maximum number of login sessions to the admin portal that can be active at the same time. An active session is a successful login (admin/password) with a valid cookie or token.
REST API
Specifies the maximum number of active RESTful sessions.
This field is visible when you enable the REST API support. For details, see To enable the REST API support.
Maximum Request Rate (Per Second)
Admin
Specifies the maximum number of HTTP connections (per second) to the admin portal that you allow FortiVoice to process.
User Portal
Specifies the maximum number of HTTP connections (per second) to the user portal that you allow FortiVoice to process.
REST API
Specifies the maximum connection rate (per second) for the REST API.
This field is visible when you enable the REST API support. For details, see To enable the REST API support.
Repeat Offender Control
Enable to block the IP addresses that keep sending bad HTTP requests to FortiVoice and causing FortiVoice to return HTTP 404 or 405 errors.
Offending request count
Specify the number limit of bad requests within a specified period of time that will trigger an offender IP blocking.
If you want to exempt IP addresses from the repeat offender control, click Exempt IP and add those IP addresses.
Time period (minutes)
Specify the period of time (in minutes) to block the bad requests.
Here is an example using the Offending request count with a value of 3 and the Time period with a value of 5:
If within a 5-minute interval, bad requests from an IP address reach 3, the IP address will be blocked for the remaining of the 5-minute interval. After the interval expires, the counter restarts for the next interval.