Stack Overflow
Stack Overflow

Questions tagged [azure-web-app-firewall]

15 questions
8
votes
1 answer

Azure Application Gateway WAF blocks common ASP.Net Core Requests

I have configured a Azure Application Gateway + WAF in front of an ASP.Net Core application running on an Azure WebApp. I have the the default OWASP 3.0 Rules set on and in Prevention mode. The problem I have is that every request via the WAF fails…
Corneliu
  • 818
  • 9
  • 15
5
votes
1 answer

azure web app maximum request length exceeded

We hosted Dot Net Web Application in Azure Web App. There is File Upload and Download provisions available. When we try to upload and download small size files (in KBs), there is no issue. But when the file size is more than MB then Maximum Request…
Manigandan K
  • 63
  • 1
  • 1
  • 6
3
votes
2 answers

Maximum file upload size Azure Web Application Firewall WAF

The documentation of the Azure Web Application Firewall (WAF) lists the following limits: The maximum request body size field is specified in KBs and controls overall request size limit excluding any file uploads. This field can range from 1-KB…
Alexander van Trijffel
  • 2,916
  • 1
  • 29
  • 31
3
votes
2 answers

Azure WAF infront of Web App changes HostName

I have configured an Azure Web Application Firewall in-front of my App Service and it is successfully passing requests through. I have followed the instructions a the following microsoft docs. I have the following configuration: Custom domain:…
j_r
  • 83
  • 6
3
votes
2 answers

Can't connect App Service to Azure Web Application Firewall

I have created a web application firewall in Azure with it's own Vnet (called GatewayVnet) and external IP address as described here: https://learn.microsoft.com/en-gb/azure/application-gateway/application-gateway-web-application-firewall-portal I…
johnstaveley
  • 1,400
  • 1
  • 22
  • 46
1
vote
2 answers

Disable SMBv3 in Azure Portal

I'm responding to Microsoft's Security Advisory ADV200005 | Microsoft Guidance for Disabling SMBv3 Compression. The advice is to Disable SMBv3 compression. I'm running an Azure Web App which does not use SMBv3 or access files from other servers. So…
Windhoek
  • 1,701
  • 1
  • 15
  • 26
1
vote
1 answer

azure web application firewall (WAF) customize one rule, for particular app

I've set up ASE v2 and enabled WAF. But one of the web apps behind it requires ".axd" requests to be enabled. WAF rules block such requests (.../something.axd) - specifically, I see WAF blocks it with 'rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf'.…
AlexB
  • 4,167
  • 4
  • 45
  • 117
0
votes
2 answers

Azure Web Application Firewall (WAF) not diferentiating file uploads from normal posts and returning 413

The Azure WAF can be configured to check the maximum size of a request like this: Anyway, besides having this configuration, any time we upload a file the WAF considers it as a "not file upload operation" and returns 413 "Request entity too large"…
Ignacio Soler Garcia
  • 21,122
  • 31
  • 128
  • 207
0
votes
1 answer

How to run SQL scripts from Azure DevOps pipeline when using Service Endpoints?

I have set up an Azure App Service with VNet integration and a Service Endpoint for SQL. If I go to the Azure SQL server and turn off public access, of course now the Azure hosted pipeline can't access the server. The 2 options I can come up with so…
Martín La Rosa
  • 790
  • 4
  • 17
0
votes
1 answer

Powershell script for Azure WebApp Firewall

I have a script that removes and then adds firewall restrictions on Azure WebApp before doing a deployment. Below you will find the script az webapp config access-restriction remove -g $(qa-rg) -n $(qa-app) --rule-name myip --action Allow…
ninja666
  • 29
  • 8
0
votes
1 answer

Azure application gateway firewall logs not being populated to log analytics workspace

We have provisioned the instance of the Azure app gateway (Standard v2 East AU region) and has enabled the diagnostics settings of it to dump all metrics and logs to the log analytics workspace and this seem to be working fine, however we wanted to…
Bhushan
  • 580
  • 6
  • 19
0
votes
1 answer

Can we have a single application gateway for all VMSS created in different regions?

Can we have a single Application Gateway for all VMSS created in different regions? If yes please share the possible options.
Sachan
  • 135
  • 9
0
votes
1 answer

Why is that the Azure Web Application Firewall doesnot support for IPv6 IP address space?

I was trying to configure WAF with IPv6 address space for my application. But when I try to assign my IPv6 it says the following error message. How can I configure IPv6 with the WAF ?
Dileepa Rajapaksa
  • 442
  • 5
  • 15
0
votes
1 answer

Can the new Azure web application firewall scope the ftp port by IP address?

I am thinking of migrating from a dedicated server to Azure Web Application Service but when I did a free trial about a year ago you could not scope the ftp port by IP address leaving it open to all IPs or computers to try to login. The question is…
codefish
  • 51
  • 1
  • 6
-3
votes
1 answer

How does Web App Firewall protect from SQL Injection?

I heard that Azure App Gateway's Web App Firewall is able to protect apps from SQL injection attacks. How does it actually achieve that? Does it inspect all the incoming payload (both body and URL params)? If it does, I assume TLS termination has to…
mnj
  • 2,539
  • 3
  • 29
  • 58