![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 69%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENP%3C/text%3E%3C/svg%3E)
Azure Web Application Firewall
An Azure service that provides protection for web apps.
327 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Thank you for reaching out.
I understand you need to create an exclusion rule in your WAF for headers and header values
Can you let me know if you have a WAF associated with an Azure Application Gateway or Azure Front Door?
From your question it is not clear whether you have a WAF associated with an Azure Application Gateway or Azure Front Door. Either way the process below will remain the same for both of them
- Enable diagnostics logging for your WAF to understand which particular rule blocked the request and what was the user-friendly message for the triggering event. Follow these links for App Gateway or Front Door
- WAF rule log will showcase the rule ID and the message on why the WAF is blocked the request.
- Follow Exclusion rule documentation here for Front Door and apply the exclusion based on HeaderValue or use RequestHeaderValues match variable for App Gateway
Hope this helps! Please let me know if you have any additional questions. Thank you!
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.