Description This article describes FortiWeb firmware level maturity
(release tags) and how to verify them in the Fortinet Support portal.
Scope FortiWeb v7.4.5 and later. Solution FortiWeb v7.6.0 introduces a
new feature wherethe firmware image file ...
Description This article describes behavior of no HSTS header insert in
HTTP 302 response header when redirect action in URL rewriting is
applied in Web Protection Profile. Scope FortiWeb, FortiWeb-VM. Solution
Symptom: User visits http://example.com...
Description This article describes how to restrict queries to a specific
IP address with a DNS policy. Pre-requisite: Secondary IP is configured
in the network interface. DNS Zone and settings pre-setup. Scope
FortiADC GLB. Solution By default, when ...
Description This article describes symptoms of bandwidth usage being
exceeded, the result of the over usage, and ways to restore the user’s
access. Scope FortiAppSec Cloud WAF. Solution FortiAppSec Cloud WAF
consists of two license subscriptions: App...
Description This article describes how to use severity-based action in
the Virtual Server WAF profile. Scope FortiADC. Solution The predefined
'Medium-Level-Security' profile has no category enabled and denies
signature triggers based on the configur...
Hi @filiaks1, ML based Anomaly detection focuses on API request
deviation on learned API traffic. Discovering missing authorization
header will be handle by other module such as Custom Policy where you
can define if Authorization header is missing an...
Hi @filiaks1, Yes, FortiWeb will generate an OpenAPI schema
model(viewable in GUI) once enough API data is learned. If you would
like to export it, you can download either in JSON or YAML format.
Thanks. Regards, Shafiq
Hello @filiaks1, I believe a Custom Policy in FortiWeb would be some
sort of threshold control for such scenario. 1. Match range 5XX return
codes 2. Define occurrences in specific time period Thanks.
Regards,Shafiq
Hello @adam283849 By default, Layer 4 VS uses DNAT as its packet
forwarding method and source IP will not be NAT'd. Direct routing is
basically a No NAT. I believe document below will help you understand
packet forwarding method difference available ...