Publish an application with NTLM authentication
Hello, Azure has an authentication application that is configured to use the NTLM AD provider. This is a virtual machine with IIS and users logged into the domain transparently open the site without authentication. We would like to protect applications…
Application Gateway WAF v2 only allow specfic IP Traffic
Hi Team, I have setup a custom rule in WAF previously to only allow few IP to access AGW. However the same rule doesn't works today. Current outcome by setting different combination like either Blocking or Allowing ALL traffic, instead of specific…
Upgrade your legacy WAF configuration to WAF policies
I have received "high impact" Advisor recommendations from azure to "Upgrade your legacy WAF configuration to WAF policies". I have tried to follow as per suggested in the following…
we cannot see the request in the firewall logs from application gateway
When we send the request from postman API request is getting success also seen in database(ssms), application gateway but we cannot see the request in the firewall logs what is the issues and how to solve this error we are using this below query in…
Exclude waf rule 944130(Suspicious Java classes)
Hi I have a web application which has WAF owasp3.2 enabled and its blocking a specific url (/polarion/gwt/com.polarion.UI/PortalDataService) Detailed Data: {java.lang.string found within…
About the difference web application firewall policy custom rule
Hello. Thanks for your interest in my topic. I need clarification on the difference between the web application firewall policy in azure frontdoor and the web application firewall policy in application gateway. In the waf policy for application…
Questions about the version of the CRS in Azure WAF
Hi, thanks for your interest in the topic. I have a question about the CRS version of Azure WAF. Is the latest 3.2 version of CRS in azure waf created based on the 3.2 version of OWASP? The current version of OWASP is 4.1. Compared to that, the Azure…
Confusion between WAF with Application Gateway and FrontDoor when securing custom Web Apps running on Azure VM published to the internet ?
Could you please let me know which Azure technology can be used to minimize the attack surface for safely publishing a Virtual Machine as a Web App on the internet? WAF with Application Gateway:…
When to use Azure WAF or Azure Firewall ?
Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…
WAF azure websocket problem
Hey everyone, I have trouble with app-gw and WAF. The problem is that we implement a websocket and in the app-gw log comes this one: error_info_s: ERRORINFO_UPSTREAM_TIMED_OUT WAFMode_s: Prevention Have another app-gw without WAF and the same config,…
Azure WAF exclusion does not work for Request Cookie Keys
Hi, I have created exclusion in WAF policy for Application Gateway. This exclusion works when I set "matchVariable = Request Cookie Keys" and does not work if I set "matchVariable = Request Cookie Names". I understood that Names and…
How to show trace info on custom error pages when WAF blocks a request and returns a 403?
If a user does something that triggers a 403 because the WAF blocked the request, I would like to show some extra information in the custom error page that I have already set in the Application Gateway, so it will be easy to identify in the Log Analytics…
Export waf owasp managed rulesets for analysis
I have a couple of application gateways, each having its own waf rulesets. I am trying to export the rules to a CSV so I can compare the differences between them, is there a good way to do this either software tool, CLI/PS or GUI? Any assistance is…
Understanding Discrepancy in WAF Detection: Sending Data as 積極性 but Matched as Mu' in SQL Injection Attack Error
Hello Team, I'm encountering an issue with the WAF Microsoft_DefaultRuleSet-2.1-MS-ThreatIntel-SQLI-99031001. When submitting a form using the POST method, specifically at the input…
Azure Application Gateway Web Application Firewall (WAF) to provide exclusion for socket io
We apply the Azure Application Gateway Web Application Firewall (WAF) to provide additional preventions against malicious attacks such as SQL Injection, Cross-Site Scripting, etc on an Azure App Service. However, when I put the WAF in prevention mode,…
Azure WAF Custom Rule - Match Type -Number
Could you provide more information on the match type number in custom rules for the WAF policy? I'm curious about its specific use cases and any details available. Additionally, I'd like to learn more about the Microsoft Bot Manager ruleset. What…
Rate Limit on Azure WAF Frontdoor Premium not working as expected
We have created an Azure Frontdoor Premim Tier with a Web Application Firewall associated with it and we are having some issues with a specific rule we created to apply rate limiting. The rule is looking for a specific URL and specifies a limit of 2 http…
Tracking Rule Changes in Azure WAF: Seeking a Master File Solution
We use Azure WAF and make constant changes to rules for different applications (adding/removing exclusions, adding/removing custom rules, etc.). We are looking for a way to track all these changes. Is there a file or document (master file style) that we…
we need to Migrate Azure Application Gateway and Web Application Firewall from V2 to V1
Is Migrate Azure Web Application Firewall from V2 to nasic waf V1 , is it possible? and how can we do that? How can we reduce the trafic manager cost in azure?
Excluded Events in WAF
We've got WAF enabled in detection mode and have set up some exclusion rules to cut down on false positives. Now, I'm curious about the ratio of excluded events to matched events. Is there a way to view the logs of excluded events or run a query to…