We apply the Azure Application Gateway Web Application Firewall (WAF) to provide additional preventions against malicious attacks such as SQL Injection, Cross-Site Scripting, etc on an Azure App Service. However, when I put the WAF in prevention mode, socket.io traffic are also getting blocked. I'm looking for the right exclusion rule to allow socket.io traffic to go through.
What exclusion rules should I use?
