Setting up Azure Firewall Premium policies
I am trying to implement Azure Firewall Premium for our existing infrastructure using Terraform to enable the IDPS feature. But the main issue I am facing is that the Azure Firewall policies (DNAT rules) which I created are not working or not getting attached…
WAF for Azure Application Gateway - Which ruleset is better - DRS 2.1 or OWASP 3.2
I am using a WAF to secure Application Gateway. The Azure portal provides an option to choose either of two default rule sets: Microsoft Default Rule Set 2.1 and OWASP 3.2. Although documentation says that both rule sets are applied by default in detection mode.…
How do I customize a unique response schema for 4xx and 5xx?
I'm working on the Application Gateway and tried custom error pages to customize the response. My purpose is to return the same JSON schema for different codes (4xx/5xx), which may be due to WAF rules blocking the request, so I write JSON data into the *.html. { …
How to have a common rule enabled for all Azure Functions with ALLOW access
Azure Functions are exposed to upstream through Azure Front Door. We will enable WAF at Front Door to allow access from all other upstream or other valid data center IP ranges including VPN. We need to restrict the access to the Azure Functions only…
WAF Front Door as an IDS/IDP system
Can Web Application Firewall on Front Door function as an Intrusion Detection/Prevention System? The IDPS systems I've seen for Azure don't look like they will work with Front Door since it is an Edge system. Am I correct in that? Thanks, Eric…
WAF in AZURE Environment
Hi, I am currently exploring the implementation of Web Application Firewall (WAF) in my existing Azure VM setup and would appreciate your guidance on the following aspects. To provide you with a brief overview of my current configuration, I have a…
IIS Web Application stops connecting to SFTP server after being put behind Azure Web Application Firewall
Hi Community, Happy 2024! I have a Windows machine with an IIS web application which makes connections to SFTP Server from some customers. We implemented Azure WAF and put this application behind it. We also detached the public IP address from the server…
How to configure Web Deploy when a .NET application is behind Azure WAF?
Hi everyone, Before implementing Azure WAF, we used to open an inbound port 8172 in an NSG in our Windows Virtual Machine running IIS 10.0, to deploy our changes to our .NET applications. After implementing WAF, I can't do this anymore. Since my…
Azure Application Gateway Web Application Firewall configuration doesn't show the new rule ID updated for CVE-2023-50164
Hello, Based on the update from Azure regarding the WAF ruleset update for CVE-2023-50164 (https://azure.microsoft.com/en-in/updates/general-availability-security-update-for-application-gateway-waf-cve202350164/), the rule ID is not reflecting in my…
XSS Filter - Category 3: Attribute Vector
This error is coming in Azure WAF logs, so is it a false promise or a correct promise, and how to identify that? How to resolve this issue, any idea?
How to fix Failed to parse request body, Multipart request body failed strict validation
This error is coming in Azure WAF logs, so is it a false promise or a correct promise, and how to identify that? How to resolve this issue, any idea?
Request Header Cookies Exclusion Causes 403
We need to exclude request cookies from evaluation for a number of OWASP rules as cookies often randomly generate threats that are false positives for legitimate users. There is no clear documentation on how to exclude REQUEST_COOKIES, so we tried adding…
Confused by Azure WAF behavior with different browsers
Hello, I have an Azure Application Gateway (WAF) on which prevention mode is enabled and the OWASP 3 and the Microsoft Bot rules are activated. I checked my web application with Chrome, refreshed, and sent many requests with Chrome. Now I received 403…
False positives elimination in Azure WAF
Hello, We have adopted Azure WAF in our environment. As of now WAF is in detection mode and we want to move it to prevention mode, but before doing so we want to identify which detections are legitimate and which are not. We have Sentinel workbooks to…
WAF drop silently instead of returning 403
Hi, is it possible, when using WAF, silently drop requests, coming from forbidden clients, instead of returning 403? We are using custom rules, where allowed IP addresses are described. So all requests from remote location, which aren't in allowed list,…
How to make an exception for the "920440 - URL file extension is restricted by policy" rule in some use cases without decreasing security or risk?
Sometimes the app and client need to download some DLL files and the WAF blocked the request based on the "920440 - URL file extension is restricted by policy" rule. Shown in the sample log below: requestUri_s:…
Why does WAF block WebResource.axd / ScriptResource.axd?
In rule Microsoft_DefaultRuleSet-2.1-PROTOCOL-ENFORCEMENT-920440, among other things, it blocks WebResource.axd and ScriptResource.axd. The blocks are probably due to CVE-2010-3332, which has long since been patched. Why does WAF still have this as a…
How to resolve 403 errors for a service after changing WAF policy to protection mode?
We created a WAF policy with DETECTION mode on an application gateway but had to change it to PROTECTION mode as per security rules. Since then, there are 403 errors for one service. How can we resolve this issue?…
WAF v2 - Exclusion lists
Hi, I configured an Application Gateway with Web Application Firewall in Azure. I am receiving several false positive blocks for the application that communicates with the gateway. I checked the Microsoft tutorial on the exclusion list, but I'm not sure…
Azure WAF success stories
Where can I find a report looking back two years on Azure WAF success stories?