288 questions with Azure Web Application Firewall tags

0 answers

Randomly POST calls are being blocked for few seconds

One weird thing is happening, Randomly POST calls via Ajax are being blocked for few seconds. We have two App services, one for web and one api, all Get calls are working but POST calls stop working. And within 1-2 seconds starts working. Sometime start…

Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,805 questions
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,008 questions
Azure Web Application Firewall
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,032 questions
asked 2024-05-24T14:06:31.93+00:00
Animesh Anand 0 Reputation points
1 answer

How do I configure the Azure Application Gateway / backend pool to drop requests that are blocked by the WAF as the log file indicates the request was blocked but the script ends up in the database.

Requests blocked by the WAF are being forwarded to the backend API servers. How do you configure the backend pool or WAF to drop requests that are blocked by the WAF?

Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
973 questions
Azure Web Application Firewall
asked 2024-05-16T08:21:12.23+00:00
Derek Green 0 Reputation points
commented 2024-05-24T10:08:43.76+00:00
Derek Green 0 Reputation points
0 answers

http2 compatibility

We have 2 environments where WAF is configured. In the DEV environment, it's working on http2. In the UAT environment, it's not working on http2. When the WAF configuration is changed, it works on http1.1. I have provided some details below (you will see…

Azure Application Gateway
Azure Web Application Firewall
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,893 questions
asked 2024-05-21T16:42:57.35+00:00
Fobuzie, Marleo 0 Reputation points
commented 2024-05-22T05:20:22.98+00:00
KapilAnanth-MSFT 36,861 Reputation points Microsoft Employee
1 answer

Configuring exclusions on Application Gateway WAF

Hello, At present we are using an Application Gateway WAFv2 (in monitor mode) for web applications hosted on the backend VMs. We want to move the WAF to prevent mode, but based on the logs collected we think many legitimate requests will be blocked,…

Azure Web Application Firewall
asked 2022-03-07T18:21:46.043+00:00
Ashish Gupta 1 Reputation point
commented 2024-05-20T17:22:02.3733333+00:00
Morgan Ecklund 0 Reputation points
1 answer One of the answers was accepted by the question author.

WAF (v2) Managed Exclusion Rule difficulty with a particular request.

Hi experts.. I have a particularly troublesome request being blocked and am seemingly unable to create a suitable managed exclusion rule, although it appears that it should be possible. We have an asp.net (web forms) application that uses SSRS ReportViewer…

Azure Web Application Firewall
asked 2024-05-14T09:15:50.92+00:00
Richard 20 Reputation points
accepted 2024-05-17T23:50:35.1766667+00:00
Richard 20 Reputation points
1 answer

I want to block certain regions of a country on application gateway and not entire country how can I do that

I want to block certain regions in country based on iso code and azure only gives me option to do it for entire country. How can I implement it for a region in country

Azure Web Application Firewall
asked 2024-05-14T20:00:33.4566667+00:00
Kajal Kothari 0 Reputation points
edited an answer 2024-05-17T11:07:24.1833333+00:00
GitaraniSharma-MSFT 48,016 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

How to add correct exclusion on Azure WAF?

Greetings. Please help in creating an exception to the rule: OWASP_3.2 - Possible Remote File Inclusion (RFI) Attack: Off-Domain Reference/Link. My web application generates requests like: …

Azure Web Application Firewall
asked 2024-05-13T11:59:44.36+00:00
Yurii Tsarienko 20 Reputation points
edited the question 2024-05-14T13:53:35.8033333+00:00
KapilAnanth-MSFT 36,861 Reputation points Microsoft Employee
0 answers

I would like to check if there is a possibility to block based on device ID in WAF

We need to block the requests in waf based on the client device ID. How can we achieve it? And also is there any way to know the device ID of the user from waf logs

Azure Web Application Firewall
asked 2024-05-12T19:28:38.02+00:00
Madhavi Sri 0 Reputation points
commented 2024-05-13T09:48:05.06+00:00
KapilAnanth-MSFT 36,861 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Upgrade your legacy WAF configuration to WAF policies

I have received "high impact" Advisor recommendations from azure to "Upgrade your legacy WAF configuration to WAF policies". I have tried to follow as per suggested in the following…

Azure Application Gateway
Azure Web Application Firewall
asked 2024-05-06T01:51:09.09+00:00
jazzspeed 20 Reputation points
accepted 2024-05-13T03:54:03.75+00:00
jazzspeed 20 Reputation points
1 answer One of the answers was accepted by the question author.

Publish an application with NTLM authentication

Hello, Azure has an authentication application that is configured to use the NTLM AD provider. This is a virtual machine with IIS and users logged into the domain transparently open the site without authentication. We would like to protect applications…

Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
595 questions
Azure Application Gateway
Azure Web Application Firewall
asked 2024-05-10T18:04:38.6366667+00:00
Mountain Pond 1,346 Reputation points
edited a comment 2024-05-12T21:44:25.38+00:00
Sina Salam 4,216 Reputation points
0 answers

Application Gateway WAF v2 only allow specific IP Traffic

Hi Team, I have setup a custom rule in WAF previously to only allow few IP to access AGW. However the same rule doesn't work today. Current outcome by setting different combination like either Blocking or Allowing ALL traffic, instead of specific…

Azure Application Gateway
Azure Web Application Firewall
asked 2024-05-09T14:14:58.09+00:00
William Tang 0 Reputation points
commented 2024-05-10T03:00:16.28+00:00
ChaitanyaNaykodi-MSFT 23,426 Reputation points Microsoft Employee
2 answers One of the answers was accepted by the question author.

we cannot see the request in the firewall logs from application gateway

When we send the request from postman API request is getting success also seen in database(ssms), application gateway but we cannot see the request in the firewall logs what is the issues and how to solve this error we are using this below query in…

Azure Application Gateway
Azure Web Application Firewall
Azure App Service
Azure Startups
Azure: A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters. Startups: Companies that are in their initial stages of business and typically developing a business model and seeking financing.
30 questions
asked 2023-11-03T12:25:26.3333333+00:00
Mayank Jain 260 Reputation points
edited the question 2024-05-07T15:52:43.4566667+00:00
bharathn-msft 5,086 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Exclude waf rule 944130(Suspicious Java classes)

Hi I have a web application which has WAF owasp3.2 enabled and its blocking a specific url (/polarion/gwt/com.polarion.UI/PortalDataService) Detailed Data: {java.lang.string found within…

Azure Web Application Firewall
asked 2024-04-30T05:34:57.15+00:00
Jagadish Karem 26 Reputation points
accepted 2024-04-30T08:30:16.36+00:00
Jagadish Karem 26 Reputation points
1 answer One of the answers was accepted by the question author.

About the difference web application firewall policy custom rule

Hello. Thanks for your interest in my topic. I need clarification on the difference between the web application firewall policy in azure frontdoor and the web application firewall policy in application gateway. In the waf policy for application…

Azure Web Application Firewall
asked 2024-04-22T08:42:29.3433333+00:00
romero 105 Reputation points
commented 2024-04-22T10:28:22.72+00:00
KapilAnanth-MSFT 36,861 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Questions about the version of the CRS in Azure WAF

Hi, thanks for your interest in the topic. I have a question about the CRS version of Azure WAF. Is the latest 3.2 version of CRS in azure waf created based on the 3.2 version of OWASP? The current version of OWASP is 4.1. Compared to that, the Azure…

Azure Web Application Firewall
asked 2024-04-17T09:20:29.2833333+00:00
romero 105 Reputation points
commented 2024-04-18T10:23:54.53+00:00
GitaraniSharma-MSFT 48,016 Reputation points Microsoft Employee
2 answers One of the answers was accepted by the question author.

Confusion between WAF with Application Gateway and FrontDoor when securing custom Web Apps running on Azure VM published to the internet?

Could you please let me know which Azure technology can be used to minimize the attack surface for safely publishing a Virtual Machine as a Web App on the internet? WAF with Application Gateway:…

Azure Front Door
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,201 questions
Azure Application Gateway
Azure Content Delivery Network
Azure Web Application Firewall
asked 2024-04-12T12:12:14.38+00:00
EnterpriseArchitect 4,871 Reputation points
commented 2024-04-17T13:31:35.5466667+00:00
KapilAnanth-MSFT 36,861 Reputation points Microsoft Employee
7 answers

When to use Azure WAF or Azure Firewall?

Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…

Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
580 questions
Azure Web Application Firewall
Azure Firewall Manager
An Azure service that provides central network security policy and route management for globally distributed, software-defined perimeters.
85 questions
asked 2020-11-15T13:17:27.597+00:00
EnterpriseArchitect 4,871 Reputation points
answered 2024-04-16T12:18:12.6+00:00
carlintveld 26 Reputation points
1 answer One of the answers was accepted by the question author.

WAF azure websocket problem

Hey everyone, I have trouble with app-gw and WAF. The problem is that we implement a websocket and in the app-gw log comes this one: error_info_s: ERRORINFO_UPSTREAM_TIMED_OUT WAFMode_s: Prevention Have another app-gw without WAF and the same config,…

Azure Application Gateway
Azure Web Application Firewall
asked 2024-04-05T11:43:25.07+00:00
Nasimjon Tohirov 231 Reputation points
accepted 2024-04-12T09:35:54.9466667+00:00
Nasimjon Tohirov 231 Reputation points
1 answer One of the answers was accepted by the question author.

Azure WAF exclusion does not work for Request Cookie Keys

Hi, I have created exclusion in WAF policy for Application Gateway. This exclusion works when I set "matchVariable = Request Cookie Keys" and does not work if I set "matchVariable = Request Cookie Names". I understood that Names and…

Azure Web Application Firewall
asked 2024-04-11T08:51:29.7066667+00:00
Konstantin Kostin 20 Reputation points
accepted 2024-04-12T05:06:05.2633333+00:00
Konstantin Kostin 20 Reputation points
1 answer One of the answers was accepted by the question author.

How to show trace info on custom error pages when WAF blocks a request and returns a 403?

If a user does something that triggers a 403 because the WAF blocked the request, I would like to show some extra information in the custom error page that I have already set in the Application Gateway, so it will be easy to identify in the Log Analytics…

Azure Application Gateway
Azure Web Application Firewall
asked 2024-03-20T15:38:05.0133333+00:00
del Risco Martínez, Jorge 20 Reputation points
accepted 2024-04-09T07:48:07.0466667+00:00
del Risco Martínez, Jorge 20 Reputation points