Application gateway WAF can protect all attacks listed (second time)

Testa 571 Reputation points
2022-12-15T11:48:15.903+00:00

Hi,

I asked the same question here (https://learn.microsoft.com/en-us/answers/questions/1112150/application-gateway-waf-can-protect-all-attacks-li.html),
but may I confirm if WAF in Application gateway can protect from the attacks listed below?

Buffer overflow

SSI injection

Directory Traversal (the managed rule in the WAF of Front Door mentions this)

I cannot find these in the document below.
https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules?tabs=owasp32#crs800-32

Azure Application Gateway
Azure Web Application Firewall

Accepted answer
  1. David Broggy 6,371 Reputation points MVP Volunteer Moderator
    2022-12-15T14:28:02.78+00:00

    Hi Taka,

    Buffer overflows are best dealt with at the application layer by limiting what is allowed as input.

    Azure WAF is good for blocking specific field matches relative to your web site.

    That would not include SSI injection as far as I'm aware - again this may be better dealt with at the application layer by limiting input.

    I think of Azure WAF as a limited set of features built on mod_security (the 'core rule set').

    If you want the full power of mod_security you could set it up as a separate VM and have many more capabilities, but this requires advanced knowledge of mod_sec.

    If you need these sorts of advanced features I personally would consider a more flexible WAF solution like F5 or Imperva.

    References:
    custom-waf-rules-overview
    https://en.wikipedia.org/wiki/ModSecurity
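
The answer's advice to limit input at the application layer, sketched as an added example (not part of the original thread and not Azure or ModSecurity code): a length cap for oversized input, a check for SSI directive markers, and a document-root containment check for directory traversal. The limit, the allow-list pattern and the function names are assumptions to adapt per field.

```python
import re
from pathlib import Path
from typing import Optional

MAX_LEN = 256                                     # assumed per-field byte limit
ALLOWED = re.compile(r"[\w .,@'-]*")              # assumed allow-list for a name-like field
SSI_MARKER = re.compile(r"<!--\s*#\s*\w+", re.I)  # matches "<!--#include", "<!--#echo", ...


def check_field(value: str, max_len: int = MAX_LEN) -> Optional[str]:
    """Return a rejection reason, or None when the value is acceptable.

    Call this on the value after the framework has URL-decoded it once.
    """
    # Bound the size before anything else touches the value, so oversized
    # input never reaches downstream parsers or native code.
    if len(value.encode("utf-8")) > max_len:
        return "too long"
    # Report SSI directives explicitly so they stand out in logs.
    if SSI_MARKER.search(value):
        return "ssi directive"
    # Everything else must match the allow-list in full.
    if not ALLOWED.fullmatch(value):
        return "disallowed characters"
    return None


def resolve_under(root: Path, requested: str) -> Path:
    """Map a client-supplied path to a location strictly inside root."""
    base = root.resolve()
    # resolve() collapses ".." segments and follows symlinks; an absolute
    # "requested" replaces base entirely and is caught by the check below.
    target = (base / requested).resolve()
    if not target.is_relative_to(base):           # Python 3.9+
        raise ValueError("path escapes document root")
    return target


if __name__ == "__main__":
    # Constructed sample inputs, not taken from real traffic.
    for sample in ["Taka O'Neil", "A" * 300, '<!--#include virtual="/x" -->', "a<b"]:
        print(repr(sample[:30]), "->", check_field(sample))
```

These checks complement the WAF rather than replace it: the application knows the expected shape of each field, which a generic rule set does not.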

