Technical Tip: How to whitelist/exempt IP address from many scans

kmak · ‎01-22-2024

Description

This article describes the steps to configure Trusted IP in the IP List to be exempt from many scanning.

Scope

FortiWeb.

Solution

Prerequisite:

The server policy is applied with the IP List policy.
Users using static IP to connect to Web Applications protected by FortiWeb.

Using the IP List module may block/allow an IP address or a group of IP addresses. The IP addresses added in the block/allow list shall skip the subsequent scanning where the scanning sequence can be referred to at the link below.

Sequence of scans

Create the IP List under IP Protection.

Insert the name of the IP List. Action may select any as the Trusted IP will be created in the list later and shall override the action here.
After creating the IP List policy, create the IP object in the IP List. Select Trust IP for the IP object to whitelist the IP.
Review the IP Object and the type of the IP Object.
Go to the Web Protection Profile page under the Policy settings. Edit the desired Web Protection Profile to include in the IP List policy. Select the created IP List policy and save the Profile. The IP addresses are now trusted and skipped for many of the scans.

Related document:

IP List - Blocklisting & whitelisting clients using a source IP or source IP range