Azure Web Application Firewall adds better web application security to layer 7 Azure Application Gateway service and is available in all Azure public regions.
Questions tagged [azure-waf]
72 questions
12
votes
4 answers
Azure Front Door WAF is blocking .AspNet.ApplicationCookie
I'm wondering if anyone else has had this issue with Azure Front Door and the Azure Web Application Firewall and has a solution.
The WAF is blocking simple GET requests to our ASP.NET web application. The rule that is being triggered is…
Craig Allen
- 123
- 1
- 1
- 6
9
votes
0 answers
Azure Gateway WAF - Diagnostics Issue
I'm trying to setup Azure WAF (v2) on my App Gateway (currently in detection mode first to handle false positive cases), however, I'm seeing this warning:
To view your detection logs, you must have diagnostics enabled.
So, I went to Diagnostic…
ShP
- 1,143
- 1
- 12
- 41
4
votes
1 answer
How to whitelist an ip address in Azure WAF
I have an Azure Application Gateway Web Application Firewall using the OWASP 3.0 ruleset. I created a custom policy so I could create a custom rule which simply allows traffic if it's from a specific IP Address and it has a priority of 1. This is…
devlife
- 15,275
- 27
- 77
- 131
3
votes
1 answer
How to prevent false positive block in Azure WAF for password field
I'm using Azure Front door with a web application firewall policy. Managed rule set 1.0 is configured.
It all works pretty well, apart from the password field in the login page of my web site. I see numerous block occasions based on rule…
Mr M
- 51
- 3
3
votes
0 answers
Azure Application Gateway WAF: HTTP Error 400. The size of the request headers is too long
We've got an application hosted on a VM in Azure, which is behind a WAF that we've got a lot of trouble with for some users.
Some users are plagued by the HTTP Error 400. The size of the request headers is too long. The application is protected by…
Rugland
- 58
- 1
- 6
2
votes
0 answers
How to accept request body in base64 and convert to json before it reaches RestController in Spring boot
The azure waf is giving a sql injection rule match and rejecting with 403 if my request body in JSON has and sql keywords or special characters and we cannot disable the rule by our company policy.
I wanted to get the request from frontend in Base64…
Saketh Ram
- 53
- 5
2
votes
2 answers
SQL Server Reporting Services (SSRS) web portal not working with Azure Application Gateway v2
Has anyone had luck getting SSRS to work when behind a v2 Azure Application Gateway? The site loads, but randomly prompts for authentication and fails to render part of the site properly.
I first tried this with SSRS 2016 back in 2019 and worked…
Brandon Brown
- 23
- 5
1
vote
1 answer
How to create an exclusion list for certain rules based on RequestUri on the Azure WAF policy associated with Azure Application Gateway?
I have a request URL :
www..com/submit
.
I can see that I can create exclusions based on args, headers and cookies in exclusion lists for the Azure WAF policy, however, I was hoping to create a rule based on the request URI.
[Try Custom…
Akash Masand
- 1,441
- 14
- 30
1
vote
1 answer
Azure application gateway v2
Could you please help me?
I currently work with Azure application gateway waf v2 and when I try to access an application it redirects me perfectly but it does not take the variables
for example when I try to access…
th3g3ntl3man
- 13
- 2
1
vote
0 answers
How to allow socket.io traffic go through an Azure Web Application Firewall
We apply the Azure Application Gateway Web Application Firewall (WAF) to provide additional preventions against malicious attacks such as SQL Injection, Cross-Site Scripting, etc on an Azure App Service. However, when I put the WAF in prevention…
Kevin Le - Khnle
- 10,579
- 11
- 54
- 80
1
vote
2 answers
Implement Azure WAF IP Restriction on specific sub-domains
We have a multi-tennant app, with each client's instance hosted on a sub-domain. E.g.:
client1.mydomain.com
client2.mydomain.com
To support this we have an App-Gateway in Azure with a wildcard listener: *.mydomain.com that directs traffic to the…
RikRak
- 898
- 1
- 7
- 21
1
vote
1 answer
Custom IP Range in Azure WAF
I need to log the traffic coming from a range of IP address in Azure WAF by having custom rules.
For example I need to log the traffic coming from IP range starting from 10.10.
From the Azure documentation, we find how it is done for the last part…
Dheeraj p
- 111
- 4
1
vote
1 answer
Error in adding subnet while creating WAFV2 application gateway in azure
While adding subnet for creating a WAFV2 application gateway in azure, I tried to use the subnet used in WAFV1 gateway.
But it is showing an error "Subnet does not support application gateway tier".
NVJ
- 39
- 1
- 6
1
vote
0 answers
Unable to query Azure WAF logs
I have been asked to use Powershell to query Azure WAS logs for blocked requests. I found https://cloudrobots.net/2021/03/07/download-azure-wav-v2-blocking-logs-w-powershell/ but am having some trouble.
First, I created a new service principal and…
StackExchangeGuy
- 741
- 16
- 36
1
vote
0 answers
Azure Web Application Firewall API
We have a problem with certain form inputs being blocked by the Azure WAF managed rules because one of our internal systems allows certain values and is not filtered by the WAF (different host.)
I'd like to use the WAF API (which I can't find…
Matt W
- 11,753
- 25
- 118
- 215