How do I increase the request body size of Application Gateway to 2MB?

日向裕紀 41 Reputation points
2022-03-12T22:49:48.47+00:00

For application gateway request size, see
If you look at the Microsoft site, you can set a limit of up to 2MB.
Where do I set this up from?
The WAF rule is "OWASP3.2", but the upper limit remains 128K.
I would appreciate it if anyone could tell me if you know.
Thank you.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits
Web Application Firewall request size limits
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For CRS 3.2 (on the WAF_v2 SKU) and newer, these limits are as follows when using a WAF policy for Appplication Gateway:

2MB request body size limit
4GB file upload limit
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
978 questions
0 comments No comments
{count} votes

Accepted answer
  1. GitaraniSharma-MSFT 48,096 Reputation points Microsoft Employee
    2022-03-14T07:09:29.133+00:00

    Hello @日向裕紀 ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you would like to know how to increase the request body size of Application Gateway to 2MB using OWASP3.2 WAF rule.

    As mentioned in our official doc, for CRS 3.2 (on the WAF_v2 SKU) and newer, the WAF request size limits are as follows when using a WAF policy for Application Gateway: 2MB request body size limit & 4GB file upload limit.

    In order to increase the WAF maxRequestBodySizeInKb from 128kb to 2000KB, you need to follow the below steps:

    1) Create a WAF policy and associate it to your Application gateway by following the steps in below doc.
    Refer : https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/create-waf-policy-ag

    2) Once the WAF policy is associated to your App gateway, the WAF configuration on your Application gateway will look like below:

    182674-image.png

    3) Now, Go to your Azure portal -> Application Gateway WAF Policy -> Managed Rules and you will see a new managed ruleset “OWASP_3.2” as below:

    182693-image.png

    4) This managed ruleset is in preview and allows you to increase the maxRequestBodySizeInKb upto 2000 once selected.
    5) So, select “OWASP_3.2” managed rule set and save.
    6) Go to Policy settings and now you can set Max request body Size (Kb) to 2000 as below:

    182629-image.png

    Kindly let us know if the above helps or you need further assistance on this issue.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. risolis 8,701 Reputation points
    2022-03-12T23:18:18.267+00:00

    Hi @日向裕紀

    Did you try it from here?

    An Azure WAF policy can be applied to web applications hosted on Application Gateway or Azure Front Doors.

    0 comments No comments

  2. LEONARDO MANUEL OJEDA CONTRERAS 1 Reputation point
    2022-04-12T09:16:12.253+00:00

    Hello,

    How can I extract the body size in the request if i use wokspace log analytic?, we need to know what is the maximum size per day?

    Thank you,

    0 comments No comments