Fortinet black logo

Administration Guide

Creating Man in the Browser (MiTB) Protection Rule

Creating Man in the Browser (MiTB) Protection Rule

To apply the above mentioned security rules, you need to set up the MiTB rules first, then combine the rules together into an MiTB policy.

This section provides instructions to:

tooltip icon

FortiWeb requires the protected web pages not compressed, because it will insert JavaScript codes in the response body when obfuscation, encryption or anti-keyloger is enabled, and analyze the request body to detect unallowed Ajax requests. If the web pages you want to protect are compressed, it's required to configure a decompression policy. See Configuring temporary decompression for scanning & rewriting.

Creating Man in the Browser (MiTB) Protection Rule

To apply the above mentioned security rules, you need to set up the MiTB rules first, then combine the rules together into an MiTB policy.

This section provides instructions to:

tooltip icon

FortiWeb requires the protected web pages not compressed, because it will insert JavaScript codes in the response body when obfuscation, encryption or anti-keyloger is enabled, and analyze the request body to detect unallowed Ajax requests. If the web pages you want to protect are compressed, it's required to configure a decompression policy. See Configuring temporary decompression for scanning & rewriting.