A self-signed certificate is useful when all the devices in your network can be configured to trust it. In this case, if your enterprise's computers trust the internal Active Directory or Certificate Authority (CA) server that signed the certificate, the self-signed certificate can be used internally for HTTPS connections without raising trust issues.

To forward requests for web application B to a single web server, you would configure FortiWeb to use HTTP content routing and create a server pool specifically for web application B. In FortiWeb, server pools are used to group servers together based on application requirements, and you can configure the pool to contain only a single web server for application B.

In the provided configuration, the signature exception has been set for the URL http://my.blog.org/user1V. This means that any request to this specific URL will bypass the signature ID 01000001, which is designed to block cross-site scripting (XSS) attacks using the mousedown event. As the request comes from the URL http://my.blog.org/userl1/blog.php, which does not match the exception rule for http://my.blog.org/user1V, the attack will be allowed through.
Therefore, the connection will be allowed because the exception rule bypasses protection for the specified URL.