Share via

Azure Application Gateway Web Application Firewall (WAF) to provide exclusion for socket io

Abdul Aziz Farooqi 0 Reputation points
2024-04-02T09:57:28.4133333+00:00

We apply the Azure Application Gateway Web Application Firewall (WAF) to provide additional preventions against malicious attacks such as SQL Injection, Cross-Site Scripting, etc on an Azure App Service. However, when I put the WAF in prevention mode, socket.io traffic are also getting blocked. I'm looking for the right exclusion rule to allow socket.io traffic to go through.

What exclusion rules should I use?

Azure Web Application Firewall
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. KapilAnanth-MSFT 36,311 Reputation points Microsoft Employee
    2024-04-02T10:48:58.6433333+00:00

    @Abdul Aziz Farooqi ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you are using WAF with Azure App Service and some valid requests are being blocked by the WAF.

    • Can you share the exact Log from WAF Logs? Specifically, which Rule ID was triggered.
    • Please note that there is no generalised Exclusion as the requests are unique to your application code.
    • If you believe this to be false positive, you can
    1. Create exclusions
    2. Create custom WAF rules
    3. or Disable the Rule ID matched

    according to your environment.

    See : Tune your WAF

    Cheers,

    Kapil

    0 comments