This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.
Created on 06-12-2017 02:24 PM
What is the default action if the 'path' part is not defined? I understand that a single '/' will be automatically removed when such a rule of the "simple" type is added, which seems to make blocking of all URLs under a domain using this filter type not so simple.
Created on 06-13-2017 03:51 AM
Not sure to understand your question here :
With "simple", if you only specify the host, the matching criteria will be on all URL behind that host.
However the action will be the one you choose. By default it's "exempt", but it can be "allow", "block" or "monitor".
Sounds pretty simple to me :)
Feel free to be more specific if I'm not clear.
Thanks very much for answering this question.
I think it was the word "action" that caused the confusion for you here. For I was not actually referring to an issue of the choice of block/exempt/monitor, but rather to the URL path matching. The manual has the following:
The 'path' part
For the path part, an exact match takes place.
So if the "/" is automatically stripped by the system, then it would not be illogical to assume that no URL paths would match "nothing". And there lies the confusion I had, and so did some of my colleagues here.
Thanks very much for clearing that up.