Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JMATAS
New Contributor

Block Client ID Fortiweb

Regards,
We need to be able to "automatically" block Client IDs that exceed a Threat Score by some policy or rule in Fortiweb 6.3

Thank you
2 REPLIES 2
ddsouza_FTNT
Staff
Staff

@JMATAS You can add the following entry under the Client management configuration>Block Settings to block Malicious Client(Client with the histrorcal threat =>200 for a certain period.

 

image.png

 

Please ensure you have enabled the 'Client management' in the Web Protection profile applied to the server policy.

 

Test Results:

image.png

image.png

image.png

 

These screenshots are from 6.3.22 GA Fortiweb.

 

Please refer to the following admin guide link for further information.

https://docs.fortinet.com/document/fortiweb/6.3.19/administration-guide/225514/configuring-client-ma...

JMATAS

Client.pngThank you very much Denzil, it is one of the things we are doing, controlling the attack with the limits of the Client Management Configuration, but the blocking limits are at most one day, the boots reappear after that time.

We would like to know, then, how to block those Client IDs once they exceed a Historical Threat Weight set by us.

Thank you so much.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors