Why in the WAF V2 do I get a log file stating that the request was blocked but in the application the request was successful and the record was updated?

Derek Green 0 Reputation points
2024-03-25T18:17:47.1233333+00:00

I have a rule 941320 triggering when posting putgroup into a web application. I understand why this is, it is because it has HTML tags in the payload. The bit I don't understand is why the firewall logs show this request as blocked in the log files but the data is still posted to the app. It is definitely using the correct WAF policy and I also changed the behaviour to block encase it was something to do with the anomaly scoring, there are also no custom rules just the managed OWASP 3.2 rule set with no exclusions. I am not overly technical but learning, can anyone answer this riddle.

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,063 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.