Variable | Description | Default |
default-db {basic | extended} | Select which of the antivirus signature databases to use when scanning HTTP POST requests for trojans, either: • basic — Select to use only the signatures of viruses and greyware that have been detected by FortiGuard’s networks to be recently spreading in the wild. • extended — Select to use all signatures, regardless of whether the viruses or greyware are currently spreading. | basic |
scan-bzip2 {enable | disable} | Enable to scan archives that are compressed using the BZIP2 algorithm. Tip: Scanning BZIP2 archives can be very CPU-intensive. To improve performance, block the BZIP2 file type, then disable this option. | enable |
uncomp-size-limit <limit_int> | Type the maximum size in kilobytes (KB) of the memory buffer that FortiWeb will use to temporarily undo the compression that a client or web server has applied to traffic, in order to inspect and/or modify it. See “waf file-uncompress-rule”. Caution: Unless you configure otherwise, compressed requests that are too large for this buffer will pass through FortiWeb without scanning or rewriting. This could allow malware to reach your web servers, and cause HTTP body rewriting to fail. If you prefer to block requests greater than this buffer size, configure max-http-body-length <limit_int>. To be sure that it will not disrupt normal traffic, first configure action to be alert. If no problems occur, switch it to alert_deny. | 5000 |
uncomp-nest-limit <limit_int> | Type the maximum number of allowed levels of compression (“nesting”) that FortiWeb will attempt to decompress. | 12 |