![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 57.00000000000001%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
580 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 92%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Welcome to the Microsoft Q&A forum.
Based on my understanding from your question above, you have Web Application Firewall set-up and you detected a false positive where your requests were blocked by rules 931130 and 920230. You created exclusion rules to mitigate the false-positive which worked and everything working as expected. Now you want to know if creating the exclusion list is the only way to mitigate the false positive or there are any other options.
Using exclusion list is actually a recommended way to mitigate false positive in WAF. There are other options available to resolve false positive as mentioned here.
- Use exclusion lists
- See Web Application Firewall (WAF) with Front Door Service exclusion lists for more information about exclusion lists.
- Change WAF actions
- See WAF Actions for more information about what actions can be taken when a request matches a rule’s conditions.
- Use custom rules
- See Custom rules for Web Application Firewall with Azure Front Door for more information about custom rules.
- Disable rules
When selecting an approach to allow legitimate requests through the WAF, try to make this as narrow as you can. For example, it's better to use an exclusion list than disabling a rule entirely.
Another alternative here in resolving the false positive will be to modify your backend so that WAF will not block the request. I understand this will not be possible in every case.
You can go through this best practices guide for any additional details.
PS - The document links I have shared above are for Global WAF (WAF for FrontDoor) if you are using regional WAF (WAF for Application Gateway) you can go through these documents instead.
https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/best-practices
Hope this helps! Please le me know if you have any questions. Thank you!
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.