How to create an exclusion list for certain rules based on RequestUri on the Azure WAF policy associated with Azure Application Gateway?

Question

I have a request URL :

www.<some-url>.com/submit

.

I can see that I can create exclusions based on args, headers and cookies in exclusion lists for the Azure WAF policy, however, I was hoping to create a rule based on the request URI.

[Try Custom rules--> Matchtype: String, MatchVariable: RequestURI]

score 0 · Answer 1 · answered Jan 25 '23 at 05:31

In order to create exclusions based on args, headers and cookies in exclusion lists for the Azure WAF policy we have to create our own custom rules or we can use Managed rules provided by default.

You can configure an exclusion to apply across all WAF rules.

NOTE: Sometimes WAF rules may block a request that you want to allow for your application. If any site down, disable the rule and retry..

Steps: enter image description here

We can add rule like this enter image description here

How to create an exclusion list for certain rules based on RequestUri on the Azure WAF policy associated with Azure Application Gateway?

1 Answers1