Help
FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
shafiq23
Staff
Staff

Created on ‎11-19-2024 12:09 AM

Article Id 358302

Technical Tip: SQL/XSS Syntax Based Detection injection exception

Description This article describes configuring Client IP exception when false positive SQL/XSS Syntax Based Detection injection triggered.
Scope FortiWeb.
Solution

Certain application functionalities or data inputs from client could inadvertently trigger SQL/XSS Syntax Based Detection. If the triggers verified as false positive, an exception can be made to allow it(depending to trigger factor). In this example, exception by Client IP is made.

 

Sample Attack Log:

 

1.png

 

Steps to make exceptions:

 

  1. Select the Message field value.

2.png

 

  1. Configure exception elements.

     

    3.png

     

    Note: Other element type can be configured depending on the matching criteria required.

  2. Exception will be applied in respective SQL/XSS Syntax Based Detection profile and subtype.

     

     

  3. Alternatively, exceptions also can be done directly in the SQL/XSS Syntax-Based Detection profile.

    Web Protection -> Advanced Protection -> SQL/XSS Syntax Based Detection.

 

XSS-Exception.png

 

For more information, refer to FortiWeb SQL/XSS Syntax Based Detection injection documentation:

Syntax-based SQL/XSS injection detection 
110
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.