

The site should be available on HTTP only, no HTTPS. Apply preconfigured protection Inline Alert Only. The website's IP address visible to clients is 192.168.13.92.

Step 1: Create Virtual IP on which FortiWeb will listen for incoming HTTP connections. For the name I use VIP-yurisk-com, IP is 192.168.13.92, and the interface via which this IP is reachable is port1. NOTE: some objects in FortiWeb do not allow dots in their names, so, to be consistent, I am using dashes where a dot would normally go. Also, you cannot change the name of any created object later - to change the name, you have to delete the object and re-create it from scratch.

Step 2: Use the VIP in creating new Virtual Server. Server Objects -> Server -> Virtual Server -> New.

Step 3: (Optional, but recommended) Create Protected Hostnames so as to apply all the protections for HTTP requests with valid Host headers only, namely and Any other (and therefore invalid) requests will be dropped. This configuration is optional but recommended, as it saves FortiWeb resources. All the protections/checks are applied in order, and checking the Host: header is done very early in the processing. This way many requests made by bots/crawlers/scanners which try to brute force available virtual hosts on the web servers will be blocked before FortiWeb applies additional protections to them. Server Objects -> Protected Hostnames -> Create New. This means that requests whose Host: header does NOT match those listed below are dropped.
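
The Protected Hostnames check from Step 3 (accept listed Host: values, drop everything else) can be modelled as below. This is an added example, not FortiWeb's own code and not part of the original page. The hostnames are constructed placeholders, and the normalization choices (case folding, port stripping, trailing dot, dropping duplicated Host headers) are assumptions of the example, not documented FortiWeb behaviour.

```python
# Added example: models the accept/drop decision of a Host-header allowlist.
# Hostnames are constructed placeholders, not the ones from the original page.
ALLOWED_HOSTS = {"site.example", "www.site.example"}


def host_of(raw_request: bytes):
    """Return the normalized Host value of a raw HTTP request head, or None."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    values = [
        line.split(":", 1)[1].strip()
        for line in head.split("\r\n")[1:]          # skip the request line
        if ":" in line and line.split(":", 1)[0].strip().lower() == "host"
    ]
    if len(values) != 1 or not values[0]:
        return None  # missing, empty or duplicated Host header
    host = values[0].lower()
    if host.startswith("["):                        # IPv6 literal, e.g. [::1]:80
        return host.split("]", 1)[0] + "]"
    host = host.rsplit(":", 1)[0] if ":" in host else host  # strip the port
    return host.rstrip(".")                         # "site.example." == "site.example"


def decide(raw_request: bytes, allowed=ALLOWED_HOSTS) -> str:
    """Default action is drop; only an exact allowlist match is accepted."""
    return "accept" if host_of(raw_request) in allowed else "drop"


# Constructed sample requests: real clients versus typical scanner traffic.
SAMPLES = {
    "valid": b"GET / HTTP/1.1\r\nHost: www.site.example\r\n\r\n",
    "valid_port_case": b"GET / HTTP/1.1\r\nHost: SITE.example:80\r\n\r\n",
    "by_ip": b"GET / HTTP/1.1\r\nHost: 192.168.13.92\r\n\r\n",
    "guessed_vhost": b"GET / HTTP/1.1\r\nHost: admin.site.example\r\n\r\n",
    "no_host": b"GET / HTTP/1.0\r\n\r\n",
    "duplicate": b"GET / HTTP/1.1\r\nHost: site.example\r\nHost: other.test\r\n\r\n",
}

if __name__ == "__main__":
    for name, request in SAMPLES.items():
        print(f"{name:16} {decide(request)}")
```

Requests addressed to the bare IP or to a guessed virtual host never reach the later checks, which is the resource saving Step 3 describes.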
