Skip to main content
JMATAS
JMATAS
New Member
April 28, 2023
Question

Block Client ID Fortiweb

  • April 28, 2023
  • 1 reply
  • 1854 views
Regards,
We need to be able to "automatically" block Client IDs that exceed a Threat Score by some policy or rule in Fortiweb 6.3

Thank you

1 reply

ddsouza_FTNT
Staff
ddsouza_FTNT
Staff
April 28, 2023

@JMATAS You can add the following entry under the Client management configuration>Block Settings to block Malicious Client(Client with the histrorcal threat =>200 for a certain period.

 

image.png

 

Please ensure you have enabled the 'Client management' in the Web Protection profile applied to the server policy.

 

Test Results:

image.png

image.png

image.png

 

These screenshots are from 6.3.22 GA Fortiweb.

 

Please refer to the following admin guide link for further information.

https://docs.fortinet.com/document/fortiweb/6.3.19/administration-guide/225514/configuring-client-management

JMATAS
JMATASAuthor
New Member
May 3, 2023

Client.pngThank you very much Denzil, it is one of the things we are doing, controlling the attack with the limits of the Client Management Configuration, but the blocking limits are at most one day, the boots reappear after that time.

We would like to know, then, how to block those Client IDs once they exceed a Historical Threat Weight set by us.

Thank you so much.

Terms & ConditionsAccessibility statement