This article describes how to setup Request URL in File Security to scan file uploaded for all URL and applied the respective action accordingly.
It is ONLY focusing on the needed setup for the Request URL.
It is maybe necessary to preconfigure other respective File Security setup and refer to the documentation at the end of this article for more information on configuring the File Security.
It is necessary to scan file(s) uploaded to your web application for all the URL is has.
It is possible to use the File Security feature for the requirement.
1) Go to Web Protection -> Input Validation -> File Security -> File Security Rule (tab).2) Create a new rule or edit an existing rule and change the Request URL to ^/.*
Example as below.
# config waf file-upload-restriction-rule edit "Scan Upload" set request-type regular set request-file ^/.* nextend
Refer to below documentation for more information on configuring File Security:https://docs.fortinet.com/document/fortiweb/7.0.2/administration-guide/329620/limiting-file-uploads
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2022 Fortinet, Inc. All Rights Reserved.