question

VinothMY-5067 avatar image
0 Votes"
VinothMY-5067 asked GitaraniSharmaMSFT-4262 edited

Rate limit on the incoming http request based on the url parameter

Hi,

I want to rate limit on the incoming http request based on the url parameter example if the 2nd request contains the same order_no I want to drop it and return some error messages - how do I do this in Azure? My application is hosted in Azure Virtual Machine.

https://test.example.com/test-services?order_no=GTest@(2021)0826001&merchantId=1&method=01

Thanks,
Vinoth

azure-application-gatewayazure-web-application-firewall
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

GitaraniSharmaMSFT-4262 avatar image
0 Votes"
GitaraniSharmaMSFT-4262 answered GitaraniSharmaMSFT-4262 edited

Hello @VinothMY-5067 ,

Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

I understand that you have an application hosted in an Azure VM and would like to rate limit on the incoming http request based on the url parameter to drop it and return some error messages.

I see you have tagged Application gateway WAF in your post but as of today, Application Gateway WAF does not have a way to rate limit incoming connections.
If you wish you may upvote the feedback in the below forum requesting this feature. All the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.
https://feedback.azure.com/d365community/idea/261a91eb-8326-ec11-b6e6-000d3a4f0789

Rate-limiting is supported only with WAF on Azure Front Door.
Refer : https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/waf-faq#do-you-support-same-waf-features-in-all-integrated-platforms-

Currently, you can configure a WAF rate limit rule on Azure Front Door which can control the number of requests allowed from a particular client to a web application with URL match conditions using Azure PowerShell.
Refer : https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-rate-limit-powershell

You can also configure a custom response for Azure Front Door WAF when it blocks a request because of a matched rule.
Refer : https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-configure-custom-response-code

Kindly let us know if the above helps or you need further assistance on this issue.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.