Azure Web Application Firewall
An Azure service that provides protection for web apps.
310 questions
1 answer
One of the answers was accepted by the question author.
How to add correct exclusion on Azure WAF?
Greetings. Please help in creating an exception to the rule: OWASP_3.2 - Possible Remote File Inclusion (RFI) Attack: Off-Domain Reference/Link. My web application generates requests like: …
asked 2024-05-13T11:59:44.36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 36%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYT%3C/text%3E%3C/svg%3E)
Yurii Tsarienko
20
Reputation points
commented 2024-08-23T03:14:04.51+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 51%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENT%3C/text%3E%3C/svg%3E)
Nayot Tientong
0
Reputation points
0 answers
WAF rule - 100200 Malicious bots that have falsified their identity
How often is the list of Google IPs updated to avoid false positives in WAF rule '100200 Malicious bots that have falsified their identity'?
asked 2024-07-24T11:39:13.0333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 19%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Andrius Vasiliauskas
0
Reputation points
commented 2024-08-22T06:47:06.2833333+00:00
Andrius Vasiliauskas
0
Reputation points
0 answers
Azure Web Application and ChatPlayground giving different responses?
Hi, I am working on Azure AI Search. I want to use Web Application/Chat Playground for Q/A from bunch of documents at a time. I have created azure ai search service with Basic tier package for West US Region. After this, I created skillset using Text…
asked 2024-08-21T05:45:08.8133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 26%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETV%3C/text%3E%3C/svg%3E)
Tanuj Verma
0
Reputation points
asked 2024-08-21T05:45:08.8133333+00:00
Tanuj Verma
0
Reputation points
0 answers
Azure WAF Security Features in Standard Tier with Front Door
Hey all - I’m looking for insights regarding the security features offered by the Azure WAF when deployed in the Standard tier with Azure FD, particularly in scenarios where the customer does not want to create any custom rules. Given that the Microsoft…
asked 2024-08-20T04:53:06.4433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 20%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBG%3C/text%3E%3C/svg%3E)
Bhushan Gawale
316
Reputation points
commented 2024-08-20T10:36:35.13+00:00
Bhushan Gawale
316
Reputation points
0 answers
Azure AG WAF file upload
We need to upload a file with size is about 100MB and got blocked by Application Gateway WAF, we use the "file upload" method which is described here:…
asked 2024-08-13T09:29:17.3966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 75%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELG%3C/text%3E%3C/svg%3E)
Liang, Gene
0
Reputation points
commented 2024-08-16T15:43:08.5233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
25,371
Reputation points Microsoft Employee
1 answer
Protocol and Port ranges for allow Logic Apps IP
We got the notification about the Logc Apps IP addresses that will need updating by Nov 12th. It doesn't specify any protocol or port ranges on the required IPs that need to be added. Can anyone clarify for me if they have to be any/any or we can limit…
asked 2024-08-13T19:58:22.3966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 70%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Shaun M
0
Reputation points
answered 2024-08-13T22:05:24.44+00:00
ChaitanyaNaykodi-MSFT
25,371
Reputation points Microsoft Employee
0 answers
Getting 403 forbidden error when enabling OWASP 3.2 and Enforce request body inspection limit
There is one function in my web site to download the documents also i have 182 rules Enabled in prevention (Mode)
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,035 questions
Azure Web Application Firewall
Azure Web Application Firewall
An Azure service that provides protection for web apps.
310 questions
Azure ISV (Independent Software Vendors) and Startups
Azure ISV (Independent Software Vendors) and Startups
Azure: A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.ISV (Independent Software Vendors) and Startups: A Microsoft program that helps customers adopt Microsoft Cloud solutions and drive user adoption.
92 questions
asked 2024-08-09T06:36:56.9+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 1%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EUR%3C/text%3E%3C/svg%3E)
Umang Raichura
0
Reputation points
commented 2024-08-13T05:00:41.3866667+00:00
KapilAnanth-MSFT
43,221
Reputation points Microsoft Employee
2 answers
How do I configure the Azure Application Gateway / backend pool to drop requests that are blocked by the WAF as the log file indicate the request was blocked but the script ends up in the database.
requests blocked by the WAF are being forwarded to the backend API servers. How do you configure the backend pool or WAF to drop requests that are blocked by the WAF.
asked 2024-05-16T08:21:12.23+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 90%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
Derek Green
5
Reputation points
answered 2024-08-07T13:41:46.8133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 59%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Jimmy Mattsson
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure WAF exclusion does not work for Request Cookie Keys
Hi, I have created exclusion in WAF policy for Application Gateway. This exclusion works when I set "matchVariable = Request Cookie Keys" and does not work if I set "matchVariable = Request Cookie Names". I understood that Names and…
asked 2024-04-11T08:51:29.7066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 78%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKK%3C/text%3E%3C/svg%3E)
Konstantin Kostin
20
Reputation points
edited a comment 2024-08-06T11:47:52.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 27%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJL%3C/text%3E%3C/svg%3E)
Jarno Leikas
20
Reputation points
1 answer
One of the answers was accepted by the question author.
Setting up Azure Function App with Azure Application Gateway (WAF)
Hello! I am currently trying to setup an Azure function application that will be accessed through an Application Gateway that restricts the network level access using the Azure WAF. I want to restrict the network level access by geographical location…
asked 2024-08-05T07:07:02.6833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 44%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETS%3C/text%3E%3C/svg%3E)
tevin.sales
40
Reputation points
accepted 2024-08-06T04:48:28.53+00:00
tevin.sales
40
Reputation points
1 answer
How to preserve the Client IP that is amended by Azure Front Door, another amendment by App Gateway before reaching Azure APIM
Hi, My setup is configured with Azure Front Door + Azure WAF --> Azure App Gateway + WAF --> Azure API Management. The diagnostic data logs are kept with Azure Monitor. I am trying to configure in bound throttling policy on APIM to rate limit user…
asked 2024-07-16T00:28:41.8333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 97%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBT%3C/text%3E%3C/svg%3E)
Bi Tan
0
Reputation points
edited an answer 2024-08-06T00:28:45.8066667+00:00
ChaitanyaNaykodi-MSFT
25,371
Reputation points Microsoft Employee
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 14.000000000000002%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
0 answers
Azure OpenAi with private endpoints - Web App issue
I am currently experiencing issues after deploying an AI module into a web app. My Azure OpenAI setup includes private endpoints. The web app was tested with both public access and private endpoints. While I can view the chat box and send prompts, I…
asked 2024-07-25T02:32:33.1866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 99%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Nedda Marhoon
6
Reputation points
commented 2024-08-02T10:54:02.3066667+00:00
KapilAnanth-MSFT
43,221
Reputation points Microsoft Employee
1 answer
In azure front door WAF policy i ahve created a custom rules with conditions to block the request for particular url based on country(Geo location). It is working as expected but i would like to know accuracy of the waf policy when using geo location
We have azure front door integrated with WAF policy. i have created a custom rules with conditions to block the request for particular url to specific country(Geo location). It is working as expected but i would like to know accuracy of the waf policy…
asked 2024-07-25T13:26:55.0733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 26%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Mohideen Ansari
0
Reputation points
commented 2024-08-01T01:28:04.6266667+00:00
ChaitanyaNaykodi-MSFT
25,371
Reputation points Microsoft Employee
0 answers
so F5 awaf? how can I test the deployment without altering the infrastructure?
Hi, I'd like to deploy the F5 A WAF, but I would like to test it without risking or causing any issues. Any ideas?
asked 2024-07-30T19:56:50.7833333+00:00
Ibis N. Torres Santos
0
Reputation points
commented 2024-07-30T20:58:12.4833333+00:00
hossein jalilian
6,190
Reputation points
0 answers
Update Azure application gateway WAF rules to allow request from same ip range in short span
I have a web app hosted on AKS behind an Application Gateway with WAF. My domain is onboarded on Cloudflare. The WAF is blocking network calls to my web app with rule ID 949110. I suspect that Cloudflare is replacing the actual client IP with its own and…
asked 2024-07-24T06:05:22.67+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 50%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPN%3C/text%3E%3C/svg%3E)
Prashanth Nagaraj
0
Reputation points
commented 2024-07-25T09:31:46.5333333+00:00
KapilAnanth-MSFT
43,221
Reputation points Microsoft Employee
0 answers
Can we add ruleId to the request header
Azure Gateway WAF - we want to add ruleId to every request header
asked 2024-07-22T16:37:44.72+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 21%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Salagame, Raghavendra
1
Reputation point
commented 2024-07-24T02:44:28.9333333+00:00
Salagame, Raghavendra
1
Reputation point
2 answers
Best Methods for Diagnosing Azure Hosted Web App Communication Issues by Adjusting or Disabling Firewall Settings
Hi community, For a web app on Azure constructed using various Azure services, the design typically blocks a lot of communication for security reasons. However, to diagnose issues, it's necessary to allow inbound and outbound communication. I am…
asked 2024-07-21T13:16:22.1833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 68%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK6%3C/text%3E%3C/svg%3E)
KindCompute-6524
85
Reputation points
commented 2024-07-23T08:24:58.2366667+00:00
KapilAnanth-MSFT
43,221
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
new Ubuntu deployed today, still had old openssh-server, will Azure update the base container? CVE-2006-5051
I deployed a new Ubuntu 24.04 this morning. This base image right from Azure still has OpenSSH 9.6 (SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.4), isn't that a problem? CVE-2006-5051 How many Azure containers are at risk if they were installed and not…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 43%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
1 answer
Customize Managed Rules
Hi, I am using Application gateway with WAF V2, I am facing one issue with a user input being blocked by WAF managed rules. The backend application allows user to special characters but the request is getting blocked by WAF only. More specifically, if…
asked 2024-07-16T10:03:37.0533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 98%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Satyam Chauhan
547
Reputation points
answered 2024-07-16T10:57:28.4766667+00:00
KapilAnanth-MSFT
43,221
Reputation points Microsoft Employee