We got a team who manage the content of our corporate website. And everytime the push or publish their design/changes via wordpress. The fortiweb detected it as XSS.
Is there a way to exempt the user ip source for any XSS detection or any better approach to fix this.
Solved! Go to Solution.
Hello @sndyblz, if user source IP is real client IP, you can use Client IP exception.
1. Identify which XSS category was triggered. e.g HTML Tag Based XSS Injection
2. Set Client IP exception.
Thanks!
If you are sure this is a false positive, then you need mitigate it.
Just open attack logs, find the false positive related log, double click, and on the right panel you right-click on the "Message", then use either "Add Exception" or "Alert Only", depending on how you want to mitigate it.
Yes, the detection is confirmed false positive but the number of detections is too much.
It doesn't matter if the error is the same, you just need to do it on one of them, or you can follow Shafiq's advice if you want to do exception for a specific client IP.
Hello @sndyblz, if user source IP is real client IP, you can use Client IP exception.
1. Identify which XSS category was triggered. e.g HTML Tag Based XSS Injection
2. Set Client IP exception.
Thanks!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.