FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
Khidzir_MN
Staff
Staff
Description

This article describes how to setup Request URL in File Security to scan file uploaded for all URL and applied the respective action accordingly.

It is ONLY focusing on the needed setup for the Request URL.

It is maybe necessary to preconfigure other respective File Security setup and refer to the documentation at the end of this article for more information on configuring the File Security.

Scope FortiWeb and FortiWeb VM.
Solution

It is necessary to scan file(s) uploaded to your web application for all the URL is has.

 

It is possible to use the File Security feature for the requirement.

 

From GUI:

 

1) Go to Web Protection -> Input Validation -> File Security -> File Security Rule (tab).
2) Create a new rule or edit an existing rule and change the Request URL to ^/.*

 

Example as below.

 

file_security_setup.png

 

From CLI:

 

# config waf file-upload-restriction-rule
     edit "Scan Upload"
         set request-type regular
         set request-file ^/.*
     next
end

 

Refer to below documentation for more information on configuring File Security:
https://docs.fortinet.com/document/fortiweb/7.0.2/administration-guide/329620/limiting-file-uploads

Contributors