Technical Tip: Known attack signature exception rule
| Description | This article describes how to configure signature exception rule based on generated attack log in Attack Log page. |
| Scope | FortiAppSec Cloud WAF. |
| Solution | For false positive blockings requiring exceptions for specific URLs or other supported parameters, verify the triggered signature details and validate whether the request is legitimate.
Note: Msg ID observed in the client browser can be used to filter specific attack logs.
Validate whether the triggered signature is a false positive. A new window pops up when selecting the Signature ID number associated with the attack log and shows details of the triggered signature.
The list of created exceptions will be updated in WAF -> Application -> Security Rules -> Known Attacks -> Signature Based Detection Exception Rule.
For more information about the signature exception rule and supported options, refer to the FortiAppSec Cloud User Guide: |
