Hi,
we are using Apache.Log4j.Error.Log.Remote.Code.Execution IPS signatures to protect some webservers and noticed that the IPS signature is blocking attempts if the connection is made to a webserver on port 80 and 443 but if there is a connection to a server on a different port like 8443 for example the IPS doesn´t identify it.
The policy have IPS, deep inspection and web filter applied and we see the logs for all other security features on the traffic, but nothing from the IPS.
Do anyone know if the Log4j signature only is for port 80 and 443? We have tried on different models (100E, 100F and on FortiOS 6.4.8 and FortiOS 6.4.6).
Thanks!
If you have stuff running on other ports, you should have it configured to monitor those ports as well. Set the filters on the IPS Sensor screen.
User | Count |
---|---|
2061 | |
1175 | |
770 | |
448 | |
343 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.