WAF blocking legit file upload

Santhya 60 Reputation points


I am facing an issue trying to upload a file, receiving 403 forbidden error. I can successfully upload the file by bypassing appgw and with WAF detection mode.

The file is taken as base64 and the error i get from appgw logs is "ruleId":"941130". I have added this rule in exclusion list with match patter as ReqArgname starts with Base64 but its not working and still blocking the file upload.

Could you let me know how to customize the exclusion rule?

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
791 questions
Azure Web Application Firewall
{count} votes

1 answer

Sort by: Most helpful
  1. GitaraniSharma-MSFT 39,431 Reputation points Microsoft Employee

    Hello @Santhya ,

    I understand that your Azure WAF was blocking a file upload and even with exclusion rule, it was not working, and you wanted to know how to customize the exclusion rule to allow the file upload.

    I requested you to share the WAF log which shows the block, so that we can formulate an exclusion rule for it.

    However, you provided an update that by using WAF logs, you were able to customize the rule and added an exclusion list, which is working now.

    Kindly let us know if you need further assistance on this issue.

    Please don’t forget to close the thread by clicking "Accept the answer".

    0 comments No comments