I am getting request such as "~^.*\.mywebsite\.com$" on my azure application gateway. This causes "ERRORINFO_REQUEST_URI_INVALID" error. How do i prevent invalid requests at the Azure WAF2 level?

Question

Recently, we are getting a lot of requests such as "~^.*.mywebsite.com$" and it gets logged in the Application Gateway as "ERRORINFO_REQUEST_URI_INVALID".

We would like to prevent such wildcard requests at the Web Application Firewall layer.

How do i set a custom rule that prevents the Gateway from even processing such requests?

Answer 1

@Prasanna Srinivasan ,

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I understand that you are receiving Invalid requests and you see a lot of "ERRORINFO_REQUEST_URI_INVALID" entries in App gateway Access log

If you wish to block these requests in WAF Level, you should consider using Custom rules.

• Match variable : RequestUri
• Operator : Contains
• Action : Block or Log (for testing)

Note that by using "Regex" as Operator, you can match many such cases.

• However, without understanding your architecture / domain use cases, I am afraid I cannot suggest any particular regular expression.
• If you are sure you have only one single domain, say, "www.yoursite.com", you can create a rule such that it Blocks everything except RequestUri "www.yoursite.com".
• Something like below, (double negation)
  • 

If this is a Production environment, please consider taking a maintenance window or use a lower environment to test the rules suggested.

Please let us know if we can be of any further assistance here.

Thanks,

Kapil

---

Please Accept an answer if correct.

Original posters help the community find answers faster by identifying the correct answer.