Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
From your verbatim, you want to know which WAF Rule is blocking the requests to your Application Gateway.
You can use the Firewall log to identify which rule actually got triggered.
- ruleSetType, ruleSetVersion and ruleId parameters would confirm the exact rule that blocked the request.
- To enable Firewall logs, follow: Enable logging through the Azure portal
- Once enabled, after a few minutes, navigate to App Gateway ---> Logs (from the side bar)
Query:
AzureDiagnostics
| where ResourceProvider == "MICROSOFT.NETWORK" and Category == "ApplicationGatewayFirewallLog"
| where action_s == "Blocked"
| project TimeGenerated, ruleSetType_s, ruleSetVersion_s, ruleId_s, action_s, Message, requestUri_s, clientIp_s
Once identified,
You have 3 ways to work around this:
- Disable the Managed Rule: Disable rule groups and rules
- Create Exclusions List
  - WAF exclusion lists allow you to omit certain request attributes from a WAF evaluation. The rest of the request is evaluated as normal.
- Use custom rules which have a higher priority than managed rules
  - These rules hold a higher priority than the rest of the rules in the managed rule sets. The custom rules have an action (to allow or block), a match condition, and an operator to allow full customization.
Methods #2 and #3 require you to validate what part of your request is triggering the WAF managed rule and create an Exclusion or Custom Rule to bypass it accordingly.
Please let us know if we can be of any further assistance here.
Thanks,
Kapil
Please Accept an answer if correct.
Original posters help the community find answers faster by identifying the correct answer.
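The log-reading step above, done offline over an exported firewall log, as an added example that is not part of the answer and not Microsoft's code. It assumes the field names of the Application Gateway firewall log schema (properties.action, ruleSetType, ruleSetVersion, ruleId, transactionId, details.data); the sample records, transaction ids, IPs and URIs are constructed. It also covers the case the query alone can hide: with anomaly scoring (CRS 3.x on WAF v2) the entry whose action is "Blocked" is usually the anomaly-score rule 949110, while the rules that actually fired are logged as "Matched" under the same transactionId, so the script correlates on transactionId to find which rule and which request attribute to target with an exclusion or custom rule.

```python
import json
from collections import Counter, defaultdict

# Constructed sample log lines in the shape of ApplicationGatewayFirewallLog records.
# Field names are assumed from the Application Gateway firewall log schema; every
# value (transaction ids, IPs, URIs, matched data) is invented for this example.
SAMPLE_LOG_LINES = [
    # tx-001: a legitimate reporting query looks like SQL to rule 942100; the
    # anomaly-score rule 949110 then blocks the request.
    json.dumps({"category": "ApplicationGatewayFirewallLog", "properties": {
        "transactionId": "tx-001", "clientIp": "203.0.113.10", "requestUri": "/api/search",
        "ruleSetType": "OWASP", "ruleSetVersion": "3.2", "ruleId": "942100", "action": "Matched",
        "message": "SQL Injection Attack Detected via libinjection",
        "details": {"data": "Matched Data: found within ARGS:q: SELECT * FROM reports"}}}),
    json.dumps({"category": "ApplicationGatewayFirewallLog", "properties": {
        "transactionId": "tx-001", "clientIp": "203.0.113.10", "requestUri": "/api/search",
        "ruleSetType": "OWASP", "ruleSetVersion": "3.2", "ruleId": "949110", "action": "Blocked",
        "message": "Inbound Anomaly Score Exceeded (Total Score: 5)", "details": {"data": ""}}}),
    # tx-002: two rules matched (numeric Host header plus the same query pattern), then blocked.
    json.dumps({"category": "ApplicationGatewayFirewallLog", "properties": {
        "transactionId": "tx-002", "clientIp": "203.0.113.11", "requestUri": "/api/search",
        "ruleSetType": "OWASP", "ruleSetVersion": "3.2", "ruleId": "920350", "action": "Matched",
        "message": "Host header is a numeric IP address",
        "details": {"data": "203.0.113.50"}}}),
    json.dumps({"category": "ApplicationGatewayFirewallLog", "properties": {
        "transactionId": "tx-002", "clientIp": "203.0.113.11", "requestUri": "/api/search",
        "ruleSetType": "OWASP", "ruleSetVersion": "3.2", "ruleId": "942100", "action": "Matched",
        "message": "SQL Injection Attack Detected via libinjection",
        "details": {"data": "Matched Data: found within ARGS:q: SELECT * FROM reports"}}}),
    json.dumps({"category": "ApplicationGatewayFirewallLog", "properties": {
        "transactionId": "tx-002", "clientIp": "203.0.113.11", "requestUri": "/api/search",
        "ruleSetType": "OWASP", "ruleSetVersion": "3.2", "ruleId": "949110", "action": "Blocked",
        "message": "Inbound Anomaly Score Exceeded (Total Score: 8)", "details": {"data": ""}}}),
    # tx-003: one low-severity match, score below threshold, nothing blocked.
    json.dumps({"category": "ApplicationGatewayFirewallLog", "properties": {
        "transactionId": "tx-003", "clientIp": "203.0.113.12", "requestUri": "/health",
        "ruleSetType": "OWASP", "ruleSetVersion": "3.2", "ruleId": "920350", "action": "Matched",
        "message": "Host header is a numeric IP address", "details": {"data": "203.0.113.50"}}}),
    # An access-log record: carries no rule information and must be skipped.
    json.dumps({"category": "ApplicationGatewayAccessLog", "properties": {
        "clientIP": "203.0.113.12", "requestUri": "/health", "httpStatus": 200}}),
]


def parse_firewall_records(lines):
    """Parse JSON log lines, keeping only firewall-log records and the fields needed here."""
    records = []
    for line in lines:
        rec = json.loads(line)
        if rec.get("category") != "ApplicationGatewayFirewallLog":
            continue
        p = rec.get("properties", {})
        records.append({
            "transaction_id": p.get("transactionId"),
            "action": p.get("action"),
            "rule_set_type": p.get("ruleSetType"),
            "rule_set_version": p.get("ruleSetVersion"),
            "rule_id": p.get("ruleId"),
            "message": p.get("message"),
            "matched_data": p.get("details", {}).get("data"),
            "request_uri": p.get("requestUri"),
            "client_ip": p.get("clientIp"),
        })
    return records


def blocked_rule_counts(records):
    """Count Blocked decisions per (ruleSetType, ruleSetVersion, ruleId); this is what the KQL query shows."""
    counts = Counter()
    for r in records:
        if r["action"] == "Blocked":
            counts[(r["rule_set_type"], r["rule_set_version"], r["rule_id"])] += 1
    return counts


def rules_behind_blocks(records):
    """Map each blocked transactionId to the Matched entries that contributed to the block."""
    by_tx = defaultdict(list)
    for r in records:
        by_tx[r["transaction_id"]].append(r)
    result = {}
    for tx, entries in by_tx.items():
        if not any(e["action"] == "Blocked" for e in entries):
            continue
        result[tx] = [
            {"rule_id": e["rule_id"], "message": e["message"],
             "matched_data": e["matched_data"], "request_uri": e["request_uri"]}
            for e in entries if e["action"] == "Matched"
        ]
    return result


def underlying_rule_counts(records):
    """How often each individual rule contributed to a block: the rules worth tuning first."""
    counts = Counter()
    for matched in rules_behind_blocks(records).values():
        for m in matched:
            counts[m["rule_id"]] += 1
    return counts


if __name__ == "__main__":
    recs = parse_firewall_records(SAMPLE_LOG_LINES)
    print("Blocked decisions by rule:")
    for (rs_type, rs_ver, rule_id), n in blocked_rule_counts(recs).items():
        print(f"  {rs_type} {rs_ver} rule {rule_id}: {n}")
    print("Rules behind each block (candidates for an exclusion or custom rule):")
    for tx, matched in rules_behind_blocks(recs).items():
        for m in matched:
            print(f"  {tx}: rule {m['rule_id']} on {m['request_uri']} -> {m['matched_data']}")
```

On the constructed data the Blocked tally is entirely rule 949110, which on its own tells you nothing to exclude; the correlated view shows rule 942100 firing twice on ARGS:q of /api/search, which is the attribute an exclusion (method 2) or a narrowly scoped custom rule (method 3) would be written against, while 920350 appears once and is a Host-header issue rather than a request-body one.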