Web Application Firewall DRS rule groups and rules for Power Pages (preview)
[This topic is pre-release documentation and is subject to change.]
The Web Application Firewall managed rule sets for Power Pages are a subset of Azure-managed DRS 2.0 rule sets.
The following rule groups and rules are available using Web Application Firewall for Power Pages.
Note
The rule groups below are subject to change.
| Rule set | Rule IDs available in Power Pages | Description |
|---|---|---|
| General | 200002 | This rule group protects against improperly formed requests. More information: Rule group: General |
| METHOD-ENFORCEMENT | 911100 | This rule group protects against unauthorized method calls using lock-down methods (PUT, PATCH). More information: Rule group: METHOD-ENFORCEMENT |
| PROTOCOL-ENFORCEMENT | 920100, 920100, 920121, 920160, 920170, 920171, 920190, 920200, 920210, 920220, 920240, 920260 | This rule group protects against protocol and encoding issues. More information: Rule group: PROTOCOL-ENFORCEMENT |
| PROTOCOL-ATTACK | 921110, 921120, 921130, 921140, 921150, 921151, 921160 | This rule group offers protection against header injection, request smuggling, and response splitting. More information: Rule group: PROTOCOL-ATTACK |
| LFI - Local File Inclusion | 930110 | This rule group protects against file and path attacks. More information: Rule group: LFI - Local File Inclusion |
| RFI - Remote File Inclusion | 931100, 931110, 931120 | This rule group protects against remote file inclusion (RFI) attacks. More information: Rule group: RFI - Remote File Inclusion |
| XSS - Cross-site Scripting | 941101, 941110, 941140, 941170, 941180, 941190, 941200, 941210, 941220, 941230 | This rule group protects against cross-site scripting attacks. More information: Rule group: XSS - Cross-site Scripting |
| SESSION-FIXATION | 943100, 943110, 943120 | This rule group protects against session-fixation attacks. More information: Rule group: SESSION-FIXATION |
| MS-ThreatIntel-WebShells | 99005002, 99005003, 99005004 | This rule group protects against Web shell attacks. More information: Rule group: MS-ThreatIntel-WebShells |
| MS-ThreatIntel-AppSec | 99030001, 99030002 | This rule group protects against AppSec attacks. More information: Rule group: MS-ThreatIntel-AppSec |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for