About fortikar

fortikar · 07-14-2021

Hi,For the first HTTP/HTTPS request from a client, FortiWeb embeds a cookie in the response’s Set-Cookie: field in the HTTP header. It is named cookiesession1. you will see this cookie name (coockiesession1) if you capture a HTTP/HTTPS packet Since t...

fortikar · 07-15-2021

when you configure a site-to-site IPSecVPN, you can restrict your local and remote subnets from ipsec phases,also, you can limit access by firewall policy (source address and destination address)https://kb.fortinet.com/k....do?externalID=FD30023

fortikar · 07-14-2021

emnoc wrote:Good question I believe in your waf security policy you can set cookie name and define a cookie name. In all fairness, you should be using https and encrypted cookie response but in this case you want to not use cookiesession1 as common c...

fortikar · 07-14-2021

on fortiweb:connect your fortiweb to your router or fortigate via layer3 connection and set specific ip/subnet for example 192.168.10.0/24set one of ip in this range to fortigate or router , for example port2 192.168.10.1/24set another ip from this r...

fortikar · 07-14-2021

Hi you can use custom policy feature to redirect specific http status code ,for example http status code:404 in this topic

User Statistics

User Activity

How to prevent information disclusore by renaming "cookiesession1"?

Re: Restrict VPN-Access to single IP-Adress

Re: How to prevent information disclusore by renaming "cookiesession1"?

Re: How to configure Fortiweb on one-arm reverse proxy mode?

Re: Fortiweb: Hide the backend web server information after wrong url