If a web server will be unavailable for a long period, such as when a server is undergoing hardware repair, it is experiencing extended down time, or when you have removed a server from the server pool, you may improve the performance of your FortiWeb appliance by disabling connectivity to the web server, rather than allowing the server health check to continue to check for responsiveness. For details, see “Enabling or disabling traffic forwarding to your servers”. |
Setting name | Description |
Name | Type a unique name that can be referenced in other parts of the configuration. Do not use spaces or special characters. The maximum length is 35 characters. Note: The name cannot be changed after this part of the configuration is saved. To rename a part of the configuration, clone it, select it in all parts of the configuration that reference the old name, then delete the item with the old name. |
Relationship | • And — FortiWeb considers the server to be responsive when it passes all the tests in the list. • Or — FortiWeb considers the server to be responsive when it passes at least one of the tests in the list. |
Trigger Policy | Select the name of a trigger, if any, that FortiWeb uses to log or notify an administrator if a server becomes unresponsive. |
Setting name | Description |
Protocol Type | Select the protocol that the server health check uses to contact the server. • ICMP — Send ICMP type 8 (ECHO_REQUEST or “ping”) and listen for either ICMP type 0 (ECHO_RESPONSE or “pong”) indicating responsiveness, or timeout indicating that the host is not responsive. • TCP — Send TCP SYN and listen for either TCP SYN ACK indicating responsiveness, or timeout indicating that the host is not responsive. • HTTP/HTTPS — Send an HTTP or HTTPS request and listen for a response that matches the values required by the specified Match Typeor timeout indicating that the host is not responsive. The protocol to use depends on whether you enable SSL for that server in the server pool. Contact occurs on the protocol and port number specified for that web server in the server pool. |
URL Path | Type the URL, such as /index.html, that the HTTP or HTTPS request uses to verify the responsiveness of the server. If the web server successfully returns this URL and its content matches your expression in Matched Content, it is considered to be responsive. This option appears only if Protocol Type is HTTP or HTTPS. The maximum length is 127 characters. |
Timeout | Type the maximum number of seconds that can pass after the server health check. If the web server exceeds this limit, it fails the health check. Valid values are 1 to 30. Default value is 3. |
Retry Times | Type the number of times, if any, that FortiWeb retries a server health check after failure. If the web server fails the server health check this number of times consecutively, it is considered to be unresponsive. Valid values are 1 to 10. Default value is 3. |
Interval | Type the number of seconds between each server health check. Valid values are 1 to 300. Default value is 10. |
Method | Specify whether the health check uses the HEAD, GET, or POST method. Available only when Protocol Type is HTTP or HTTPS. |
Match Type | • Matched Content — If the web server successfully returns the URL specified by URL Path and its content matches the Matched Content value, FortiWeb considers the server to be responsive. • Response Code — If the web server successfully returns the URL specified by URL Path and the code specified by Response Code, FortiWeb considers the server to be responsive. • All — If the web server successfully returns the URL specified by URL Path and its content matches the Matched Content value, and the code specified by Response Code, FortiWeb considers the server to be responsive. Available only when Protocol Type is HTTP or HTTPS. |
Matched Content | Enter one of the following values: • The exact reply that indicates that the server is available. • A regular expression that matches the required reply. This value prevents the test from falsely indicating that the server is available when it has actually replied with an error page, such as the one produced by Tomcat when a JSP application is not available. To create and test a regular expression, click the >> (test) icon. This opens a Regular Expression Validator window where you can fine-tune the expression (see “Regular expression syntax”) . Available only if Protocol Type is HTTP or HTTPS and Match Type is All or Matched Content. |
Response Code | Enter the response code that you require the server to return to confirm that it is available. Available only if Protocol Type is HTTP or HTTPS and Match Type is All or Response Code. |