what is the difference between reqtype "direct" and "referral"? (in the log message)
I saw in the documentation that:
"The request type, either direct or referral."
I'll be glad to get an in-depth explanation, please.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
This definition is not strictly related to Fortinet products.
The "direct" request is when you write in the browser: www.fortinet.com
The "referral" request is when you click a link on a site, and this automatically redirects you to that page you want to visit, for example, www.fortinet.com/post?referer=somerandomwebsitewhereyouclicked.com/
In HTTP, "Referer" (a misspelling of Referrer) is the name of an optional HTTP header field that identifies the address of the web page (i.e., the URI or IRI), which is linked to the resource being requested. By checking the referrer, the server providing the new web page can see where the request originated (wiki)
Is it possible that we will see logs marked as "referral" even if the user didn't click on a link?
For example, when visiting a news website, most of the traffic will be for ads websites (behind the curtain). Will we see these websites URLs as part of the logs at all?
and if so, is there a way to differentiate between sites that the user was aware of visiting and "behind the curtain" sites?
Yes, it is possible, as most websites (news sites included) load some of the data from other sources through HTTP requests with referrer field for tracking. You can tweak this behavior in some of the browsers, but there is no possibility to differentiate this in the FortiGate. It sees and logs all the traffic originating from the user (can't tell if the user clicked a link, or a specific element or section was loaded by another page)
Dear @dmelamed,
"Direct" requests originate from the user directly typing in the URL or clicking on a bookmark.
"Referral" requests come from clicking on links on other websites, and the referring website is identified through the "Referer" header.
let us know fi you have any queries.
Thanks
Pavan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.