Breyta

Deila með


Web Application Firewall DRS rule groups and rules for Power Pages

[This topic is prerelease documentation and is subject to change.]

The Web Application Firewall managed rule sets for Power Pages are a subset of Azure-managed DRS 2.0 rule sets.

The following rule groups and rules are available using Web Application Firewall for Power Pages.

Note

The rule groups below are subject to change.

Rule set Rule IDs available in Power Pages Description
General 200002 This rule group protects against improperly formed requests.
More information: Rule group: General
METHOD-ENFORCEMENT 911100 This rule group protects against unauthorized method calls using lock-down methods (PUT, PATCH).
More information: Rule group: METHOD-ENFORCEMENT
PROTOCOL-ENFORCEMENT 920100, 920100, 920121, 920160, 920170, 920171, 920190, 920200, 920210, 920220, 920240, 920260 This rule group protects against protocol and encoding issues.
More information: Rule group: PROTOCOL-ENFORCEMENT
PROTOCOL-ATTACK 921110, 921120, 921130, 921140, 921150, 921151, 921160 This rule group offers protection against header injection, request smuggling, and response splitting.
More information: Rule group: PROTOCOL-ATTACK
LFI - Local File Inclusion 930110 This rule group protects against file and path attacks.
More information: Rule group: LFI - Local File Inclusion
RFI - Remote File Inclusion 931100, 931110, 931120 This rule group protects against remote file inclusion (RFI) attacks.
More information: Rule group: RFI - Remote File Inclusion
XSS - Cross-site Scripting 941101, 941110, 941140, 941170, 941180, 941190, 941200, 941210, 941220, 941230 This rule group protects against cross-site scripting attacks.
More information: Rule group: XSS - Cross-site Scripting
SESSION-FIXATION 943100, 943110, 943120 This rule group protects against session-fixation attacks.
More information: Rule group: SESSION-FIXATION
MS-ThreatIntel-WebShells 99005002, 99005003, 99005004 This rule group protects against Web shell attacks.
More information: Rule group: MS-ThreatIntel-WebShells
MS-ThreatIntel-AppSec 99030001, 99030002 This rule group protects against AppSec attacks.
More information: Rule group: MS-ThreatIntel-AppSec

See also