Questions tagged [azure-web-app-firewall]

Ask Question

The tag has no usage guidance.

azure-web-app-firewall
16 questions
Newest Active Bountied Unanswered
Filter by
Sorted by
Tagged with
8 votes
1 answer
10k views

Azure Application Gateway WAF blocks common ASP.Net Core Requests

I have configured a Azure Application Gateway + WAF in front of an ASP.Net Core application running on an Azure WebApp. I have the the default OWASP 3.0 Rules set on and in Prevention mode. The ...
Corneliu's user avatar
Corneliu
  • 828
5 votes
1 answer
12k views

azure web app maximum request length exceeded

We hosted Dot Net Web Application in Azure Web App. There is File Upload and Download provisions available. When we try to upload and download small size files (in KBs), there is no issue. But when ...
Manigandan K's user avatar
Manigandan K
  • 63
3 votes
2 answers
2k views

Can't connect App Service to Azure Web Application Firewall

I have created a web application firewall in Azure with it's own Vnet (called GatewayVnet) and external IP address as described here: https://learn.microsoft.com/en-gb/azure/application-gateway/...
johnstaveley's user avatar
johnstaveley
  • 1,430
3 votes
2 answers
1k views

Azure WAF infront of Web App changes HostName

I have configured an Azure Web Application Firewall in-front of my App Service and it is successfully passing requests through. I have followed the instructions a the following microsoft docs. I have ...
j_r's user avatar
j_r
  • 83
3 votes
2 answers
4k views

Maximum file upload size Azure Web Application Firewall WAF

The documentation of the Azure Web Application Firewall (WAF) lists the following limits: The maximum request body size field is specified in KBs and controls overall request size limit excluding any ...
Alexander van Trijffel's user avatar
Alexander van Trijffel
  • 2,976
1 vote
2 answers
130 views

Disable SMBv3 in Azure Portal

I'm responding to Microsoft's Security Advisory ADV200005 | Microsoft Guidance for Disabling SMBv3 Compression. The advice is to Disable SMBv3 compression. I'm running an Azure Web App which does ...
Windhoek's user avatar
Windhoek
  • 1,781
1 vote
1 answer
540 views

azure web application firewall (WAF) customize one rule, for particular app

I've set up ASE v2 and enabled WAF. But one of the web apps behind it requires ".axd" requests to be enabled. WAF rules block such requests (.../something.axd) - specifically, I see WAF blocks it with ...
AlexB's user avatar
AlexB
  • 4,383
0 votes
2 answers
1k views

Azure Web Application Firewall (WAF) not diferentiating file uploads from normal posts and returning 413

The Azure WAF can be configured to check the maximum size of a request like this: Anyway, besides having this configuration, any time we upload a file the WAF considers it as a "not file upload ...
Ignacio Soler Garcia's user avatar
Ignacio Soler Garcia
  • 21.6k
0 votes
1 answer
2k views

Can we have a single application gateway for all VMSS created in different regions?

Can we have a single Application Gateway for all VMSS created in different regions? If yes please share the possible options.
Sachan's user avatar
Sachan
  • 135
0 votes
1 answer
120 views

Modify the Azure application gateway rule using rest api

I was trying to enable/disable the ApplicationGateway WAF rules using Postman's rest API. I tried to disable the rules 200003 and 200004 using rest API. I was using the below URL for the REST API ...
mystack's user avatar
mystack
  • 5,168
0 votes
1 answer
531 views

How to run SQL scripts from Azure DevOps pipeline when using Service Endpoints?

I have set up an Azure App Service with VNet integration and a Service Endpoint for SQL. If I go to the Azure SQL server and turn off public access, of course now the Azure hosted pipeline can't ...
Martín La Rosa's user avatar
Martín La Rosa
  • 800
0 votes
1 answer
709 views

Powershell script for Azure WebApp Firewall

I have a script that removes and then adds firewall restrictions on Azure WebApp before doing a deployment. Below you will find the script az webapp config access-restriction remove -g $(qa-rg) -n $(...
ninja666's user avatar
ninja666
  • 29
0 votes
1 answer
3k views

Azure application gateway firewall logs not being populated to log analytics workspace

We have provisioned the instance of the Azure app gateway (Standard v2 East AU region) and has enabled the diagnostics settings of it to dump all metrics and logs to the log analytics workspace and ...
Bhushan's user avatar
Bhushan
  • 632
0 votes
1 answer
754 views

Why is that the Azure Web Application Firewall doesnot support for IPv6 IP address space?

I was trying to configure WAF with IPv6 address space for my application. But when I try to assign my IPv6 it says the following error message. How can I configure IPv6 with the WAF ?
Dileepa Rajapaksa's user avatar
Dileepa Rajapaksa
  • 442
0 votes
1 answer
503 views

Can the new Azure web application firewall scope the ftp port by IP address?

I am thinking of migrating from a dedicated server to Azure Web Application Service but when I did a free trial about a year ago you could not scope the ftp port by IP address leaving it open to all ...
codefish's user avatar
codefish
  • 51
-3 votes
1 answer
1k views

How does Web App Firewall protect from SQL Injection?

I heard that Azure App Gateway's Web App Firewall is able to protect apps from SQL injection attacks. How does it actually achieve that? Does it inspect all the incoming payload (both body and URL ...
mnj's user avatar
mnj
  • 3,031