FortiWEB full URL Rewriting

vasilisgogos · ‎05-04-2025

Hello Team,

I am trying to rewrite https://exapmle.in.com to https://exapmle2.out.net (URL are fake).

I have tried HTTP header rewriting ( without success) and body rewriting 9 the URL was redirecting to the new URL, which is not our case).

We need to keep the traffic to Fortiweb and not redirect the traffic to the end URL.

Bello the config

config waf url-rewrite url-rewrite-rule

edit "ASK-AI-REWRITING"
set host-status enable
set host exapmle.in.com
config header-insert
end
config response-header-insert
end
config header-removal
end
config response-header-removal
end
set request-remove-duplicate-headers disable
config match-condition
edit 1
set reg-exp exapmle2.out.net
set HTTP-protocol https
next
end
next
end

config waf url-rewrite url-rewrite-rule
edit "ASK-AI-REWRITING-2"
set action http-response-header-rewrite
set location_replace $0exapmle.in.com$1
set location-status enable
config header-insert
end
config response-header-insert
end
config header-removal
end
config response-header-removal
end
set response-replace-existing-headers enable
config match-condition
edit 1
set object http-location
set reg-exp (.*)exapmle2.out.net(.*)
next
end
next
end

Attached the URL RULE.

The problem is that the end Application Server is not accepting Requests that done not have exapmle2.out.net in HTTP HEADER( body).

Senior Network Security Engineer

vasilisgogos · ‎05-22-2025

Hello,

We found the solution.

Request Action

1- Request action should match HTTP Host (whole URL- URL1))
2- Replacement URL - select Host - the backend URL (URL2)

Response action

1- Match both HTTP location with syntax (/*)URL2(/*)

and HTTP Host with syntax (.*)URL2(.*)

2- Replacement String: Location - URL1

3- HTTP header Insertion enabled with Replace existing header and syntax $0URL1$1

4- HTTP Header Removal enabled (remove Duplicate Headers)

Also, the backend service should match the frontend service (HTTPs-->HTTPs or HTTP-->HTTP)

Senior Network Security Engineer

View solution in original post

vasilisgogos · ‎05-04-2025

URL Policy

Senior Network Security Engineer

mokelvo2 · ‎05-04-2025

So in the first KB link I posted there is a section titled "Example: Full host name/URL translation", so I experimented with variations on this (too many to list if I'm being honest) without much luck. Then I tried using a regex debugger for testing but didn't get very far with that before the end of my work day. Left it so that the full .com URL redirects to the .co.uk TLD, which Is easy enough but not what the business wants, sadly.

https://19216811.cam/ https://1921681001.id/

AEK · ‎05-04-2025

Hi Vasili

Can you pose a screenshot of the rule (from the WebUI)?

AEK

vasilisgogos · ‎05-04-2025

hello,

Bellow the screenshots

Senior Network Security Engineer

AEK · ‎05-05-2025

Hi Vasili

In URL rewrite condition you select HTTP Host, and you write example.in.com.

And in Replacement URL you enable only Host (not URL) and you write example2.out.net.

AEK

vasilisgogos · ‎05-05-2025

Hello,

This is not our case.

If Host rewriting is selected, the traffic will be redirected to the new URL and not maintained to the original URL, and we can not monitor or block any attack.

Senior Network Security Engineer

vasilisgogos · ‎05-05-2025

.

Senior Network Security Engineer

AEK · ‎05-06-2025

Hi Vasili

I don't fully agree.

Here I mean the action is "Rewrite HTTP Header" and not redirection.

When you rewrite the "Host" HTTP header in the request, the back-end server can see the requested host is example2.out.net and not exapmle.in.com. And here there is no redirection done.

AEK

vasilisgogos · ‎05-06-2025

Hello,

The traffic is permanently moved ( HTTP code 301 - from the above pic).
The real server sees it with the new header (only traffic with the backend server is permitted in our case), but the traffic is moved to the new URL, unfortunately.

Senior Network Security Engineer

FortiWEB full URL Rewriting

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website