Web Application Firewall
Go to Security Profiles > Web Application Firewall. From here you can customize the default Web Application Firewall profile, or create new profiles, to protect against a variety of web-based threats. Web Application Firewall profiles can be created with a variety of options (Signatures and Constraints), similar to other security profiles.
You can set the Web Application Firewall to use an External Security Device, such as FortiWeb, by setting
Inspection Device to External.
Selecting External in the Web Application Firewall profile adds the following configuration to the CLI:
config waf profile edit default
set external enable end
You must add the Web Application Firewall profile to a firewall policy in order for that traffic to be offloaded to the
External Security Device for processing.
If your FortiGate or VDOM Inspection mode is set to flow-based you must use the CLI to set a Web Application Firewall profile to external mode and add the Web Applic- ation Firewall profile to a firewall policy.
Hi there
i’m having a problem that the profile is not logging anything
i’ve set everything to monitor and turned on all sessions logging on the policy that i have the waf profile enabled on. all the logs are filling up except the waf logs. i know such a problem?
thank you