Re: Detect HTTP return code 401 and block IP

ComprAF2024 · 09-03-2024

Hello, we are using Fortiweb VM version 7.0.8 and i'm not specialist in the system. Our Exchange server is behind the fortiweb. We have a lot of attempt to connect to the exchange using EWS. I can see in the Traffic (Log & Report) for attempts and th...

ComprAF2024 · 09-08-2024

Hello, In fact our Fortiweb was configured by an external provider.I finally found my way:Created Custom PolicyCreate Web protection (Policy - Web Protection Profil) profil and assign Custom PolicyApply Web Porection profil to the Server Policy All w...

ComprAF2024 · 09-04-2024

Hi , thank you. In fact theses attacks are from a lot of differents ip. I suppose doing by bots. It will be not usefull to blacklist ip by hand.It's why automatically block when Fortiweb detect a forbidden message could be very good for the security....

ComprAF2024 · 09-04-2024

Hello,in fact to develop our problem, we can see theses errors in the traffic logs: It's all connection attempt to our Exchange using EWS. We can see the return code 401 I found a way to normally block this by creating a new custom policy: But this r...

User Statistics

User Activity

Detect HTTP return code 401 and block IP