Configuring application-layer DoS protection
The DoS Protection > Application submenu enables you to configure DoS protection at the network application layer.
For some DoS protection features, the FortiWeb appliance uses session management to track requests.
1. When a FortiWeb appliance receives the first request from any client, it adds a session cookie to the response from the web server in order to track the session. The client will include the cookie in subsequent requests.
2. If a client sends another request before the session timeout, FortiWeb examines the session cookie in the request.
   • If the cookie does not exist or its value has changed, the FortiWeb appliance drops the request.
   • If the same cookie exists, the request is treated as part of the same session. FortiWeb increments its count of connections and/or requests from the client. If the rate exceeds the limit, FortiWeb drops the extra connection or request.
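The two steps above can be modelled in a few lines. This is an added sketch for illustration, not FortiWeb code: the class and function names, the keying of sessions by client address, the fixed counting window, and the limit, window and timeout values are all assumptions.

```python
import hmac
import secrets

class SessionLimiter:
    """Model of cookie-based session tracking with a per-session request limit."""

    def __init__(self, limit=3, window=1.0, timeout=30.0):
        self.limit, self.window, self.timeout = limit, window, timeout  # assumed values
        self.sessions = {}  # client address -> session state (keying by address is an assumption)

    def handle(self, client, cookie, now):
        """Return (verdict, cookie_to_set) for one request arriving at time `now`."""
        s = self.sessions.get(client)
        if s is None or now - s["last"] > self.timeout:
            # Step 1: first request, or the previous session timed out: issue a cookie.
            value = secrets.token_hex(16)
            self.sessions[client] = {"cookie": value, "last": now, "start": now, "count": 1}
            return "forward", value
        # Step 2: a session exists, so the request must carry the unchanged cookie.
        if cookie is None or not hmac.compare_digest(cookie.encode(), s["cookie"].encode()):
            return "drop:cookie", None
        s["last"] = now
        if now - s["start"] >= self.window:  # start a new counting window
            s["start"], s["count"] = now, 0
        s["count"] += 1
        if s["count"] > self.limit:
            return "drop:rate", None
        return "forward", None

def replay():
    """Replay a constructed request trace and return the verdict for each request."""
    lim = SessionLimiter()
    verdicts = []
    verdict, good = lim.handle("198.51.100.7", None, 0.0)
    verdicts.append(verdict)
    # Constructed trace: (arrival time in seconds, cookie presented by the client).
    trace = [(0.1, good), (0.2, good), (0.3, good), (0.4, None),
             (0.5, "tampered"), (1.2, good), (40.0, good)]
    for now, cookie in trace:
        verdicts.append(lim.handle("198.51.100.7", cookie, now)[0])
    return verdicts

if __name__ == "__main__":
    print(replay())
```

In the trace, the fourth request exceeds the limit of three per window, the requests with a missing or altered cookie are dropped regardless of rate, and the final request arrives after the session timeout and is treated as a first request again.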