All Questions
Tagged with azure-application-gateway azure-waf
32
questions
9
votes
0
answers
2k
views
Azure Gateway WAF - Diagnostics Issue
I'm trying to setup Azure WAF (v2) on my App Gateway (currently in detection mode first to handle false positive cases), however, I'm seeing this warning:
To view your detection logs, you must have ...
- 1,143
4
votes
1
answer
7k
views
How to whitelist an ip address in Azure WAF
I have an Azure Application Gateway Web Application Firewall using the OWASP 3.0 ruleset. I created a custom policy so I could create a custom rule which simply allows traffic if it's from a specific ...
- 15.7k
2
votes
2
answers
1k
views
SQL Server Reporting Services (SSRS) web portal not working with Azure Application Gateway v2
Has anyone had luck getting SSRS to work when behind a v2 Azure Application Gateway? The site loads, but randomly prompts for authentication and fails to render part of the site properly.
I first ...
1
vote
1
answer
1k
views
Error in adding subnet while creating WAFV2 application gateway in azure
While adding subnet for creating a WAFV2 application gateway in azure, I tried to use the subnet used in WAFV1 gateway.
But it is showing an error "Subnet does not support application gateway ...
- 39
1
vote
1
answer
84
views
Bicep code to deploy WAF policy for Azure Application gateway
I am trying to deploy a WAF policy for Application gateway with bicep. It should contain OWASP rule set 3.2. My code is as below:
param wafPolicyName string = 'mypolicy'
param location string = '...
- 2,147
1
vote
1
answer
1k
views
How to create an exclusion list for certain rules based on RequestUri on the Azure WAF policy associated with Azure Application Gateway?
I have a request URL :
www.<some-url>.com/submit
.
I can see that I can create exclusions based on args, headers and cookies in exclusion lists for the Azure WAF policy, however, I was hoping ...
- 1,551
1
vote
2
answers
903
views
Azure Application Gateway WAF Policy Custom Rule Update
I have an Application Gateway WAF policy.
I want to update the existing custom rule by adding another IP address.
How can I do this dynamically from Powershell or Azure CLI?
1
vote
1
answer
359
views
Azure application gateway v2
Could you please help me?
I currently work with Azure application gateway waf v2 and when I try to access an application it redirects me perfectly but it does not take the variables
for example when I ...
- 13
1
vote
1
answer
727
views
Maximum Character allowed in Query string of WAF
Currently my WAF is blocking my query strings because of long query strings. Is there a way for WAF to allow long query strings? Otherwise what is the limit in characters that is allowed in the query ...
- 155
0
votes
1
answer
5k
views
Terraform Error: Failed to query available provider packages
I'm trying to deploy a simple infrastructure in Azure through Terraform, the infrastructure is made of an Application Gateway (with Web Application Firewall, so the WAF_v2 version) with two virtual ...
- 151
0
votes
1
answer
678
views
Setup WAF for App Services without Application Gateway
I am searching for a way to enable WAF for my App Services but I don't want to use Application Gateway instead I am wondering if it is possible to configure WAF in the app services itself. Need some ...
0
votes
1
answer
157
views
How to add CNAME for app service which is behind the WAF Application Gateaway?
I have one app service which has one custom domain(abc.com) and a default domain(something.azurewebsites.net). There is one WAF AG(Application gateway) infront of app service.
In the dns zone, I have ...
0
votes
1
answer
567
views
How to dissociate WAF from Azure application gateway?
How to dissociate WAF from Azure application gateway?
I selected the WAF and clicked on associated application gateways. Selected the application gateway that needs to be dissociated from the WAF.
but ...
0
votes
1
answer
792
views
How to setup session affinity for Rest API in Azure App Service
I have a frontend app service (scaled up to 3 nodes) and a api app service (scaled up to 3 nodes) on Azure. When user enter the website, the request goes to frontend app service first and then ...
- 1
0
votes
1
answer
738
views
How to configure NSG for WAF v2 Application Gateway subnet?
I want to configure Network Security Group(NSG) for my Application gateway(AG) subnet.
I tried to follow this doc - here but after applying the inbound rules to my NSG, I am getting timeout when ...
0
votes
1
answer
1k
views
Azure Application GW WAF custom rule not working
I have an App GW WAF v2 where I need to set up a custom rule to check for the presence of a Request Header. I couldn't get it to work. So next I set up a very simple check.
"customRules":[{
...
- 415
0
votes
2
answers
630
views
Access Denied error on mutual authentication in Application Gateway v2 and Azure App Service
Ref1: enter link description here
Ref2: enter link description here
I've implemented mutual (certificate) authentication and I hosted my app on the Azure App service. When I open directly my app URL ...
- 173
0
votes
1
answer
365
views
Azure WAF custom rule to block all PHP requests
I have a Application Gateway with WAF in front of several applications (WebAPI, FunctionApp).
My application are all written for .NET6+.
I see in my logs a lot of requests to PHP files. Most likely ...
- 3,154
0
votes
1
answer
2k
views
Azure Application Gateway Timeout #long running process
We are using Azure Application Gateway with WAF. We have configured a timeout of 3600 seconds, and we performed the following scenario with Azure WAF and without WAF:
With Azure: The application runs ...
0
votes
0
answers
1k
views
Allowing HTTP Header Content Type */* in Azure WAF Rules
I am trying to call the Azure-hosted API endpoint using a 3rd party application. Application sends the HTTP request with the header values ContentType = "*/*";
Azure Application Gateway WAF ...
- 3,266
0
votes
2
answers
694
views
Azure Applicatoin Gateway WAF managed rule exclusion remove cli command not working as expected
Configured Azure Application Gateway with WAF enabled, trying to remove waf managed rule exclusion using az network application-gateway waf-policy managed-rule exclusion rule-set remove command. ...
- 117
0
votes
0
answers
258
views
Azure WAF Rewrite rules for updating port numbers
I have a server in Azure running two web apps, one on port 443 (IIS), another on 1024 (Apache). Both are https. I have an Azure Application Gateway (WAF v2) in place. I would like to allow requests ...
- 1
0
votes
1
answer
42
views
Unable to create a WAF2 gateway in azure
On the final stage of creating a WAF2 gateway, there is an error with code "ApplicationGatewaySslCertificateTooBig" and message "Data too big for certificate".
Could anyone please ...
- 39
0
votes
1
answer
1k
views
Toggle an Application Gateway WAF to Prevention/Detection mode
Goal:
Toggle an application Gateway WAF between prevention and detection mode via code.
Configuration Details:
App GW SKU: WAFv2
Application Gateway WAF deployed
Custom rules and managed policies are ...
- 21
0
votes
1
answer
798
views
Azure: After Uploading SSL CERTIFICATE through Application Gateway Listeners on azure ,URL is not hitting
After creating Application Gateway Listeners and rules we have uploaded the SSL certificate(HTTPS) for Port:-443, but URL is not hitting.
we are using application gateway WAF , App services, we have ...
0
votes
1
answer
756
views
Azure: Application gateway listeners based routing. A communication error occurred: "Operation timed out"
We have configured Listeners and add the rules and upload the SSL certificate on Azure portal
But the server is not hitting the URL. Suggest me if there any settings i missed to configure to enable ...
0
votes
1
answer
349
views
How to analyze WAF rules on Azure?
We have an accreditation requirement to prepare some form a report that has charts/metrics of WAF detection examples, as well as recommendations
We essentially want to perform a couple hours of ...
- 3,263
0
votes
1
answer
1k
views
In a REST API on a field like a password where special characters are encouraged what is the best-practice for encoding to avoid WAF false-positives
I have a REST API that uses JSON data. The Web-Application-Firewall (WAF) monitoring the traffic uses standard OWASP rules. One rule is blocking passwords that have caret characters.
e.g. leA^n12
I ...
- 374
0
votes
2
answers
409
views
How to change order Listener in Azure Application gateway
In Azure Application gateway, you can associate Listeners with the host name.
but, how to change the order of the listeners, since the choice is made in order.
Example:
Name: port host
...
- 379
0
votes
1
answer
681
views
Forwarding request to Azure Application Gateway Backend Pool depending upon Incoming request header
I have the following Setup:
One Application Gateway with WAF V2.
Two backend pools (say Backend1 and Backend2).
Both backends have same Application but with different version (Say
V1 and V2).
I want ...
- 114
0
votes
2
answers
3k
views
How to create WAF exclusion for specific HTTP header value
We have an OWASP rule that is wrongfully being hit for a specific website, say xyz.com
How can we create an exclusion in the Azure WAF policy for that rule only for this specific website? I was trying ...
- 2,995
-2
votes
1
answer
2k
views
Web application firewall (WAF) rules validation by javascript
WAF Rules applied to web application which is already developed. To overcome WAF blocking inputs , need to convert format of input or encode input before form submitting got failed. If any ...
