question

Nibbler avatar image
0 Votes"
Nibbler asked Nibbler edited

Azure Web Application Firewal and special characters

Hello Q&A,

I`m having issues adding special characters such as À à È è to the WAF exclusion lists.

Getting the following error message.


azure-application-gatewayazure-web-application-firewall
image.png (12.1 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JoydeepDutt-2506 avatar image
0 Votes"
JoydeepDutt-2506 answered SaiKishor-MSFT commented

Hi @KE1980 , I tried this adding in Azure portal WAF - it doesnt allow. I assume its by design of product.

· 6
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@suvasara-MSFT Maybe you can eláboräte on this? How to solve this, as these characters are normal to be used in other languages.


0 Votes 0 ·

@KE1980 I am looking into this issue. Apologize for the delay, I will update you soon. Thanks!

0 Votes 0 ·

Awesome, no problem. Looking forward to hear from you. Have a great day.

0 Votes 0 ·
Show more comments
JoydeepDutt-2506 avatar image
0 Votes"
JoydeepDutt-2506 answered Nibbler commented

Hi @KE1980

Thank you for your post MS Q&A!

Example Special Characters: Active Directory inserts tokens that are used for authentication. These tokens can contain special characters that may trigger a false positive from the WAF rules. WAF exclusion lists allow you to omit certain request attributes from a WAF evaluation.

Ref read - https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-exclusion


(Please don’t forget to "Accept the answer" & “up-vote” , this can be beneficial to other members. Thank You)


Regards, J.D.

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi J.D.

Thanks. I have seen the documentation. But these characters, as descried, are not possible to add to the exclusion lists, as I state, and what the documentation that you are refering to suggesdts.

Regards, KE1980

0 Votes 0 ·

Hi J.D,

Also, the documentation is for Azure Front Door WAF... it is for the Application Hateway WAF. This is how the options that one have on this service:
54911-image.png


0 Votes 0 ·
image.png (40.2 KiB)

Hi J.D,

Any thoughts on this? Thanks

0 Votes 0 ·

@JoydeepDutt-2506 Please see my comment

0 Votes 0 ·