Global Settings : Configuring HTTP service port settings
 
Configuring HTTP service port settings
By default, the FortiDDoS system listens for HTTP traffic on service port 80. If the servers in your network use nonstandard ports for HTTP traffic, you can configure the system to listen for HTTP on nonstandard service ports. You can configure up to 8 HTTP service ports.
Before you begin:
You must have Read-Write permission for Global Settings.
To configure HTTP service port settings:
1. Go to Global Settings > Settings > HTTP Service Ports.
2. Click Add to display the configuration editor.
3. Complete the configuration as described in Table 16.
4. Save the configuration.
Table 16: HTTP service ports configuration
Settings
Guidelines
Name
Configuration name. Must not contain spaces.
Enable
Select to enable the service port configuration.
Port
Specify the port number.
 
 
To configure with the CLI, use a command sequence similar to the following:
config ddos global http-service-ports
edit 1
set enable-port {enable | disable}
set port-number <port>
end
 
 
The system recommended threshold procedure excludes HTTP service ports from the port configuration blocks that it generates. When user-configured HTTP service ports are enabled, the packet rate thresholds for the user-configured ports are set to a high rate. If an HTTP service port configuration is subsequently disabled or deleted, the threshold remains at the high rate until you change it manually or perform the system recommended threshold procedure.
To manually configure detection thresholds for the nonstandard service ports:
1. Go to Protection Profiles > Thresholds > Thresholds.
2. Select TCP Ports from the Type drop-down list.
3. Configure the threshold and save the configuration.