Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
The Match Type is used to select the type of data the rule condition should evaluate for a match. i.e., This impacts the Operators list.
If you have Match Type as String, these are the Operators available,
Similarly if you have Match Type as Number, these are the Operators available
With respect to Microsoft Bot Manager ruleset,
- Bad Bots things like scraping, scanning, and looking for vulnerabilities in your web application. When these bots are stopped at the Web Application Firewall (WAF), they can’t attack you. They also can’t use up your resources and services, such as your backends and other underlying infrastructure.
- You can enable a managed bot protection rule set for your WAF to block or log requests from known malicious IP addresses. The IP addresses are sourced from the Microsoft Threat Intelligence feed. Intelligent Security Graph powers Microsoft threat intelligence and is used by multiple services including Microsoft Defender for Cloud
- See : WAF on Azure Application Gateway bot protection overview
There are three types of Bot Rules:
- BadBots
- GoodBots
- UnknownBots
See : Bot Manager Rule Set 1.0 on regional WAF
- The default action for bad bot groups is set to Block, for the verified search engine crawlers group it’s set to Allow, and for the unknown bot category it’s set to Log.
- You may overwrite the default action with Allow, Block, or Log for any type of bot rule.
- You are free to disable a rule should you find it to be a False Positive.
- In case Azure WAF blocks a bot which is a well-known good bot or something you own, you can contact Microsoft Support and request them to whitelist the Bot.
Kindly let us know if this helps or you need further assistance on this issue.
Thanks,
Kapil
Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.