Hi all,
We have web application fire wall latest version (7.4.3)
i have a few sites under it.
when some one attacks using tools and what not , how can i block his ip Address automatically when the system detects that he is triggering the deny rules?
right now it just block every attempts he tries , it should just block him why wait until he passes
Thanks
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Haitham
Under menu Web Protection > Known Attacks > Signatures, edit your signature package (or clone a predefined one), then edit it and change the Action from "Alert & Deny" to "Block Period". Default is 600 seconds but you can change it as needed.
Hello Haitham
Under menu Web Protection > Known Attacks > Signatures, edit your signature package (or clone a predefined one), then edit it and change the Action from "Alert & Deny" to "Block Period". Default is 600 seconds but you can change it as needed.
Hi
Thanks so much this works perfect
can i have multiple profiles working on the same policy?
because i have one public ip and under it 2 different services one is WordPress and one is Moodle lms
deifinilty we getting more public IPs soon
Cheers
Sure, for this you need to set policy "Deployment Mode" to "HTTP Content Routing".
Again , Perfect
it works like charm .
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1665 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.