Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
max_monterumisi
New Contributor

Created on ‎03-16-2017 07:54 AM

How to exclude all signatures check for POST body in a particular page

Hi, many time, WAF (ver 5.60) block the POST to a particular page with many different signatures. This because on the raw body of the POST the customers send a xml within all type of char, code, url and other crap. This xml for the application isn't a problem, it's by developer's design.[&o] I don't want create a security hole and totally exclude the page from check signature process (with URL Access Rules), I want exclude from check process only the xml body. How I can do ?

3267
0 Kudos
2 REPLIES 2
max_monterumisi
New Contributor

Created on ‎03-17-2017 04:53 AM

The only way that I found is, from Web Application > Know Attacks > Signatures, exclude signature by signature the Elements:

HOST = www.mysite.org  as a string URI/push/Service.asmx/SendXML as a string ParameterBMS_XML as a string

but it's very long work.

Then can be better if we can exclude from all signatures the same parameters (BMS_XML)

1127
0 Kudos
john_khoxer
New Contributor
In response to max_monterumisi

Created on ‎06-14-2018 02:30 AM

I have similar question.

How is it possible to disable all signature checks for special parameter or url ?

I don't want to do it per signature!

 

This is very important feature! how come I cannot find any solution for it on the fortiweb!

1127
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.