:source: fwebos_waf_csrf_protection_rule.py :orphan: .. fwebos_waf_csrf_protection_rule.py: fwebos_waf_csrf_protection_rule.py -- Config FortiWeb CSRF Protection Rule ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 1.0.1 .. contents:: :local: :depth: 1 Synopsis -------- Config FortiWeb CSRF Protection Rule Requirements ------------ The below requirements are needed on the host that executes this module. - ansible>=2.11 FortiWeb Version Compatibility ------------------------------ .. raw:: html

	`v7.0.0`	`v7.0.1`	`v7.0.2`	`v7.0.3`
fwebos_waf_csrf_protection_rule.py	yes	yes	yes	yes

Parameters ---------- .. raw:: html

body Possible parameters to go in the body for the request required: True

name name of the CSRF protection rule type:string maxLength:63
security_action Select which action FortiWeb takes when it detects a missing or incorrect anti-CSRF parameter. type:string choice: alert, alert_deny, deny_no_log, block-period, client-id-block-period
block_period Enter the number of seconds that you want to block subsequent requests from the client after the FortiWeb appliance detects a CSRF attack. This setting is available only if 'security_action' is set to 'block-period'. type:integer maximum:3600 minimum:1
severity Select which severity level FortiWeb uses when it logs a CSRF attack. type:string choice: Info, Low, Medium, High
trigger Select the trigger, if any, that FortiWeb uses when it logs or sends an alert email about a CSRF attack. type:string
js_request_check Enabling this option will run another script to modify the page’s native XMLHttpRequest function and add the CSRF parameter tknfv onto it. type:string choice: enable, disable
mkey If present, objects will be filtered on property with this name type:string
vdom Specify the Virtual Domain(s) from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned. The URL parameter is one of: vdom=root (Single VDOM) vdom=vdom1,vdom2 (Multiple VDOMs) vdom=* (All VDOMs) type:array
clone_mkey Use *clone_mkey* to specify the ID for the new resource to be cloned. If *clone_mkey* is set, *mkey* must be provided which is cloned from. type:string

200 : OK: Request returns successful
400 : Bad Request: Request cannot be processed by the API
401 : Not Authorized: Request without successful login session
403 : Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
404 : Resource Not Found: Unable to find the specified resource.
405 : Method Not Allowed: Specified HTTP method is not allowed for this resource.
413 : Request Entity Too Large: Request cannot be processed due to large entity
424 : Failed Dependency: Fail dependency can be duplicate resource, missing required parameter, missing required attribute, invalid attribute value
429 : Access temporarily blocked: Maximum failed authentications reached. The offended source is temporarily blocked for certain amount of time.
500 : Internal Server Error: Internal error when processing the request